Configuring Access and Security (20%)ACE Study Guide

GCP IAM and Service Accounts

Objective 5.1 · Security Compliance

GCP Security Services

Objective 5.2 · Security Compliance

GCP IAM Roles: Primitive, Predefined, Custom

Objective 5.1 · Security Compliance

GCP Service Accounts and Workload Identity

Objective 5.1 · Security Compliance

VPC Service Controls

Objective 5.2 · Security Compliance

Cloud Armor WAF and DDoS Protection

Objective 5.2 · Security Compliance

GCP Organization Policies

Objective 5.1 · Security Compliance

Confidential Computing on GCP

Objective 5.2 · Security Compliance

GKE Workload Identity

Objective 5.1 · Security Compliance

GKE Binary Authorization

Objective 5.2 · Security Compliance

GKE Private Clusters

Objective 5.2 · Security Compliance

Cloud Run VPC Connector

Objective 5.2 · Security Compliance

App Engine Security and IAP

Objective 5.2 · Security Compliance

Cloud Intrusion Detection System (IDS)

Objective 5.2 · Security Compliance

Cloud Data Loss Prevention (DLP) API

Objective 5.2 · Security Compliance

Cloud KMS and Customer-Managed Keys

Objective 5.2 · Security Compliance

Cloud HSM for Hardware Security

Objective 5.2 · Security Compliance

Secret Manager for Credentials

Objective 5.1 · Security Compliance

Binary Authorization for Supply Chain Security

Objective 5.2 · Security Compliance

Cloud Asset Inventory

Objective 5.1 · Security Compliance

Security Command Center (SCC)

Objective 5.2 · Security Compliance

Security Command Center Premium Findings

Objective 5.2 · Security Compliance

Access Transparency and Access Approval

Objective 5.1 · Security Compliance

Cloud Storage Bucket Security

Objective 5.2 · Security Compliance

BigQuery Authorized Views for Access Control

Objective 5.1 · Security Compliance

Service Account Key Management

Objective 5.1 · Security Compliance

Policy Intelligence and IAM Recommender

Objective 5.1 · Security Compliance

IAM Audit Logging and Data Access Logs

Objective 5.1 · Security Compliance