Practice Test 4 | Google Cloud Certified Professional Cloud Architect | Dumps | Mock Test
Your team has created a set of applications that will run in GCP. IT Management wants to activate and standardize a simple but effective security system. You have prepared a list of possibilities and features that you can use. You realize that some choices must be discarded because they are not safe enough or even wrong.
What solutions would you, recommend at the end? (Choose 3)
A. Google groups for each category of users with associated roles
B. Service Accounts related to your applications
C. G Suite or Cloud Identity domains with associated roles
D. Service Accounts related to your VMs
E. Service Accounts related to your K8s Clusters
Correct Answers – A, B, D
A is correct. As per google’s best practices, this is the best way to manage the access and users.
B is correct. You can authorize users via Cloud Identity-Aware Proxy (IAP). They do not require direct access to the underlying GCP resources—just to the web app that utilizes the GCP resources.
C is wrong. Feasible, but not advisable. Burdensome and difficult to maintain.
D is correct. You create the basic Service Accounts and link them to the VMs. So, users that have access to the VM, inherit all the authorizations needed
E is incorrect. Service Accounts are associated with your pods and not clusters.
Service Accounts related to your applications
Service Accounts related to your VMs
For more details, please visit the following links:
Comments are closed, but trackbacks and pingbacks are open.