exam questions

Exam Associate Cloud Engineer All Questions

View all questions & answers for the Associate Cloud Engineer exam

Exam Associate Cloud Engineer topic 1 question 215 discussion

Actual exam question from Google's Associate Cloud Engineer
Question #: 215
Topic #: 1
[All Associate Cloud Engineer Questions]

Your company requires all developers to have the same permissions, regardless of the Google Cloud project they are working on. Your company’s security policy also restricts developer permissions to Compute Engine, Cloud Functions, and Cloud SQL. You want to implement the security policy with minimal effort. What should you do?

  • A. • Create a custom role with Compute Engine, Cloud Functions, and Cloud SQL permissions in one project within the Google Cloud organization.
    • Copy the role across all projects created within the organization with the gcloud iam roles copy command.
    • Assign the role to developers in those projects.
  • B. • Add all developers to a Google group in Google Groups for Workspace.
    • Assign the predefined role of Compute Admin to the Google group at the Google Cloud organization level.
  • C. • Add all developers to a Google group in Cloud Identity.
    • Assign predefined roles for Compute Engine, Cloud Functions, and Cloud SQL permissions to the Google group for each project in the Google Cloud organization.
  • D. • Add all developers to a Google group in Cloud Identity.
    • Create a custom role with Compute Engine, Cloud Functions, and Cloud SQL permissions at the Google Cloud organization level.
    • Assign the custom role to the Google group.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
PiperMe
9 months, 1 week ago
Selected Answer: D
D combines the security of a custom role tailored to the company's policy with the ease of management provided by organization-level assignment to a Cloud Identity group.
upvoted 3 times
...
leoalvarezh
9 months, 3 weeks ago
Selected Answer: D
Best practise is to use predefined roles but in this case we need to apply some restrictions about our company's security policy so I think D is the valid response.
upvoted 2 times
...
joao_01
1 year, 2 months ago
Selected Answer: D
I vote for D
upvoted 4 times
...
joao_01
1 year, 2 months ago
I vote for D
upvoted 1 times
...
Captain1212
1 year, 2 months ago
d is the correct answer
upvoted 2 times
...
scanner2
1 year, 3 months ago
Selected Answer: D
Permissions provided at the Organization level are inherited to the folder level and project level.
upvoted 1 times
...
gpais
1 year, 3 months ago
Selected Answer: C
Use predefined roles: Use predefined roles, such as “Editor” or “Viewer”, instead of creating custom roles. This makes it easier to understand the level of access associated with a role.Use custom roles: Create custom roles when predefined roles do not meet the specific needs of your organization. In the link below: https://cloud.google.com/iam/docs/roles-overview#custom When to use custom roles In most situations, you should be able to use predefined roles instead of custom roles. Predefined roles are maintained by Google, and are updated automatically when new permissions, features, or services are added to Google Cloud. In contrast, custom roles are not maintained by Google; when Google Cloud adds new permissions, features, or services, your custom roles will not be updated automatically.
upvoted 3 times
...
3arle
1 year, 4 months ago
Selected Answer: D
only D meets best practices
upvoted 1 times
...
shreykul
1 year, 4 months ago
Selected Answer: D
https://www.cloudskillsboost.google/focuses/1035?parent=catalog#:~:text=custom%20role%20at%20the%20organization%20level
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago