Weekend Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ac4s65

Your organization develops software involved in many open source projects and is concerned about software...

Google Professional-Cloud-Security-Engineer Full Course Access
Google Professional-Cloud-Security-Engineer View All Questions

Your organization develops software involved in many open source projects and is concerned about software supply chain threats You need to deliver provenance for the build to demonstrate the software is untampered.

What should you do?

A.

• 1- Generate Supply Chain Levels for Software Artifacts (SLSA) level 3 assurance by using Cloud Build.

• 2. View the build provenance in the Security insights side panel within the Google Cloud console.

B.

• 1. Review the software process.

• 2. Generate private and public key pairs and use Pretty Good Privacy (PGP) protocols to sign the output software artifacts together with a file containing the address of your enterprise and point of contact.

• 3. Publish the PGP signed attestation to your public web page.

C.

• 1, Publish the software code on GitHub as open source.

• 2. Establish a bug bounty program, and encourage the open source community to review, report, and fix the vulnerabilities.

D.

• 1. Hire an external auditor to review and provide provenance

• 2. Define the scope and conditions.

• 3. Get support from the Security department or representative.

• 4. Publish the attestation to your public web page.

Professional-Cloud-Security-Engineer PDF/Engine
  • Printable Format
  • Value of Money
  • 100% Pass Assurance
  • Verified Answers
  • Researched by Industry Experts
  • Based on Real Exams Scenarios
  • 100% Real Questions
buy now Professional-Cloud-Security-Engineer pdf
Get 65% Discount on All Products, Use Coupon: "ac4s65"
Next
You are backing up application logs to a shared Cloud Storage bucket that is accessible...
Your organization is using Vertex AI Workbench Instances.
Previous