Ace your certifications with Practice Exams and AI assistance.

Medium1 markMultiple Choice

GCP PCA · Question 31 · Domain 4: Analyzing and Optimizing Technical and Business Processes

To ensure software supply chain security, your CISO requires that only container images verified by the QA team can be deployed to the production GKE cluster. Which combination of services achieves this?

Answer options:

Cloud Source Repositories and Cloud Armor.

Cloud Build, Artifact Registry, and Binary Authorization.

Jenkins and Identity-Aware Proxy.

Security Command Center and Cloud DLP.

How to approach this question

Identify the GCP service for container deployment enforcement.

B.Cloud Build, Artifact Registry, and Binary Authorization.✓ Correct

Binary Authorization works with GKE to ensure only trusted, signed container images (attested by QA via Cloud Build/Artifact Registry) are deployed.

Thinking IAM alone can prevent untrusted image deployment.

50 questions · hints · full answers · grading