exam questions

Exam Associate Cloud Engineer All Questions

View all questions & answers for the Associate Cloud Engineer exam

Exam Associate Cloud Engineer topic 1 question 223 discussion

Actual exam question from Google's Associate Cloud Engineer
Question #: 223
Topic #: 1
[All Associate Cloud Engineer Questions]

Your company is using Google Workspace to manage employee accounts. Anticipated growth will increase the number of personnel from 100 employees to 1,000 employees within 2 years. Most employees will need access to your company’s Google Cloud account. The systems and processes will need to support 10x growth without performance degradation, unnecessary complexity, or security issues. What should you do?

  • A. Migrate the users to Active Directory. Connect the Human Resources system to Active Directory. Turn on Google Cloud Directory Sync (GCDS) for Cloud Identity. Turn on Identity Federation from Cloud Identity to Active Directory.
  • B. Organize the users in Cloud Identity into groups. Enforce multi-factor authentication in Cloud Identity.
  • C. Turn on identity federation between Cloud Identity and Google Workspace. Enforce multi-factor authentication for domain wide delegation.
  • D. Use a third-party identity provider service through federation. Synchronize the users from Google Workplace to the third-party provider in real time.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
0verK0alafied
Highly Voted 1 year ago
Selected Answer: B
Why would you need to federate the identities for Cloud ID and Workspace accounts? It's the same thing! I have a dev gcp org doing exactly this...
upvoted 12 times
...
gpais
Highly Voted 1 year, 4 months ago
Selected Answer: C
I think C is the best
upvoted 5 times
...
ccpmad
Most Recent 6 months, 2 weeks ago
Selected Answer: B
Google Cloud Identity is Google’s identity provider (idP) that is used by both Workspace and Google Cloud. First, I thought it was C, but there is not identity federation between Cloud Identity and Workspace, because Cloud identity goes first and it is used by GCP, Workspace or other Google services. Moreover, By default, Cloud Identity Free includes 50 free licenses
upvoted 1 times
...
sukouto
9 months ago
Selected Answer: B
According to the following article, Google Workspace already allows access to Google Cloud platform, so there should be no need for "identity federation between Cloud Identity and Google Workspace" (which I cannot find documentation about). C is out. https://cloud.google.com/iam/docs/user-identities A and D are out because Google is not going to suggest you use some other identity provider, lol
upvoted 3 times
...
PiperMe
9 months, 1 week ago
Selected Answer: C
I see everyone is split here, but I like C best. Option C provides a streamlined and secure way to accommodate growth within the Google ecosystem. It prioritizes both ease of management and security. You already use Workspace for user management... Adding Active Directory adds complexity and is unnecessary; A is out. While improving security and organization, it doesn't directly solve the issue of seamless access to GCP resources or address user management as you scale; B is out…. While some scenarios might justify it, you're already using Google Workspace for identity. This option adds complexity, cost, and an extra system to manage; D is out….
upvoted 1 times
...
leoalvarezh
9 months, 2 weeks ago
Selected Answer: C
I think B helps to manage but the answer in this scenario is C due to allows for seamless integration between user accounts in both services
upvoted 1 times
...
blackBeard33
9 months, 3 weeks ago
Selected Answer: B
I choose B.
upvoted 2 times
...
KelvinToo
11 months, 1 week ago
Selected Answer: A
Per ChatGPT, Option A is the most suitable choice as it leverages the scalability and centralization capabilities of Active Directory, integrates with existing systems, and ensures seamless user management and authentication across Google Workspace and Google Cloud, aligning with the requirements for anticipated growth without introducing unnecessary complexity or security issues.
upvoted 1 times
PiperMe
9 months, 1 week ago
Please stop using ChatGPT. Active Directory is Azure. This adds significant overhead in setup and management of a new directory system. Integrating it with both Workspace and Google Cloud increases complexity.
upvoted 2 times
...
...
carlalap
1 year ago
Answer is A. It is talking about long term. This option can support 10x growth without performance degradation, unnecessary complexity, or security issues, as it leverages the scalability, reliability, and security of Active Directory and Cloud Identity.
upvoted 1 times
...
taylz876
1 year, 1 month ago
Selected Answer: C
• Option C involves setting up a connection between Cloud Identity (which is used for Google Workspace) and Google Cloud. This connection simplifies managing user accounts for Google Cloud services. • It enforces an extra layer of security by requiring multi-factor authentication, which is essential for protecting user accounts and data. • This solution aligns with your company's growth plans, as it accommodates an increase in users from 100 to 1,000 without adding unnecessary complexity or performance issues. So, by selecting option C, you're ensuring a scalable, secure, and straightforward way to manage user access as your company expands.
upvoted 2 times
Vovtchick
1 year ago
ChatGPT is not always right, you know :)
upvoted 6 times
vaibhavCodian
1 year ago
What would you choose, Sir ?
upvoted 1 times
...
...
...
Ben_oso
1 year, 2 months ago
Selected Answer: A
I think its A
upvoted 3 times
...
Gregwaw
1 year, 2 months ago
Selected Answer: B
There is nothing like "identity federation between Cloud Identity and Google Workspace". You can only add Cloud Identity Free to your existing account. You can manage users using Cloud Identity without adding all of them to Google Workspace. Groups will help to manage the increased number of users. Therefore B answer is correct.
upvoted 3 times
panihe
1 year ago
https://cloud.google.com/workforce-identity-federation?hl=en
upvoted 1 times
...
...
Captain1212
1 year, 2 months ago
Selected Answer: C
c is right
upvoted 1 times
...
NoCrapEva
1 year, 3 months ago
Selected Answer: C
(a) If you already administer a Google Workspace account and want to enable more users to use Google Cloud, you might not want to assign all users a Google Workspace license. In this case, add Cloud Identity Free to your existing account. You can then onboard more users without additional charge and decide which users should have access to Google Workspace by assigning them a Google Workspace license.. (b) To let your users collaborate by using Google Workspace, and to minimize administrative overhead, it's best to manage all users through a single Cloud Identity or Google Workspace account and provide a single user account to each individual. This approach helps ensure that settings such as password policies, single sign-on, and two-step verification are consistently applied to all users. ref: https://cloud.google.com/architecture/identity/best-practices-for-planning
upvoted 2 times
...
Shivamwalia
1 year, 3 months ago
Why not A?
upvoted 1 times
rahulrauki
1 year, 2 months ago
They need reduced complexity, while this works, we skip one step (active directory) by linking cloud identity with workspace
upvoted 1 times
...
...
[Removed]
1 year, 3 months ago
Selected Answer: B
https://cloud.google.com/architecture/identity/best-practices-for-planning
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago