Exam Professional Cloud Security Engineer topic 1 question 191 discussion

BeyondCorp and Access Policies: BeyondCorp is a Google Cloud security framework that focuses on zero-trust principles. Access Policies within BeyondCorp allow you to define granular access controls based on various attributes, including device certificates.

must be A

Employees at your company use their personal computers to access your organization's Google Cloud console. You need to ensure that users can only access the Google Cloud console from their corporate-issued devices and verify that they have a valid enterprise certificate. What should you do? A. Implement an Access Policy in BeyondCorp Enterprise to verify the device certificate. Create an access binding with the access policy just created. B. Implement a VPC firewall policy. Activate packet inspection and create an allow rule to validate and verify the device certificate. C. Implement an organization policy to verify the certificate from the access context. D. Implement an Identity and Access Management (IAM) conditional policy to verify the device certificate.

A. Implement an Access Policy in BeyondCorp Enterprise to verify the device certificate. Create an access binding with the access policy just created. This approach is designed to enforce zero-trust access policies, making it a strong fit for the stated needs of only allowing access from corporate-issued devices with valid enterprise certificates.

Only option A speaks about device here remaining all false

A is the correct

A https://cloud.google.com/beyondcorp?hl=pt-br