Google Cloud Professional Cloud Security Engineer Practice Exam

Disable ads (and more) with a membership for a one time $4.99 payment

Prepare for the Google Cloud Professional Cloud Security Engineer Exam with our interactive quiz. Study with flashcards and multiple-choice questions, complete with hints and explanations. Ace your exam with confidence!

Practice this question and more.

What Google Cloud feature is essential for protecting sensitive workloads from boot-level malware?

Google Kubernetes Engine.
Google Shielded VMs.
Cloud Pub/Sub.
Cloud Functions.

The correct answer is: Google Shielded VMs.

Google Shielded VMs are essential for protecting sensitive workloads from boot-level malware because they provide a hardened environment specifically designed to ensure the integrity of the virtual machine (VM) and its boot process. Shielded VMs incorporate several security features, including secure boot, which verifies the digital signatures of boot components to prevent unauthorized code from running during the boot process, and the virtual trusted platform module (vTPM), which helps in establishing a root of trust and secure storage for sensitive data and cryptographic keys. In addition to secure boot, Shielded VMs also include features like integrity monitoring, ensuring that any changes to the system are detected and reported. This level of protection is vital for sensitive workloads that, if compromised at the boot level, could have dire consequences for data integrity and security. The other options do not provide this specific level of boot integrity and protection against lower-level threats. Google Kubernetes Engine focuses on managing containerized applications, Cloud Pub/Sub serves as a messaging service for event-driven systems, and Cloud Functions allows for serverless computing but does not incorporate the specific boot protection features provided by Shielded VMs. Therefore, for safeguarding workloads against boot-level malware, Google Shielded VMs is the appropriate choice.