Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud Security Engineer All Questions

View all questions & answers for the Professional Cloud Security Engineer exam
Go to Exam

Exam Professional Cloud Security Engineer topic 1 question 254 discussion

Actual exam question from Google's Professional Cloud Security Engineer
Question #: 254
Topic #: 1
[All Professional Cloud Security Engineer Questions]

Your organization has applications that run in multiple clouds. The applications require access to a Google Cloud resource running in your project. You must use short-lived access credentials to maintain security across the clouds. What should you do?

  • A. Create a managed workload identity. Bind an attested identity to the Compute Engine workload.
  • B. Create a service account key. Download the key to each application that requires access to the Google Cloud resource.
  • C. Create a workload identity pool with a workload identity provider for each external cloud. Set up a service account and add an IAM binding for impersonation.
  • D. Create a VPC firewall rule for ingress traffic with an allowlist of the IP ranges of the external cloud applications.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by yokoyan at Sept. 6, 2024, 1:23 a.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
koo_kai
1 month, 1 week ago
Selected Answer: C
It"s C
upvoted 2 times
...
1e22522
2 months, 2 weeks ago
Selected Answer: C
It's C
upvoted 2 times
...
SQLbox
2 months, 2 weeks ago
C is the correct answer
upvoted 2 times
...
ABotha
2 months, 2 weeks ago
Correct Answer: C Short-lived access credentials: Workload Identity Federation (WIF) allows you to issue short-lived access tokens to external applications, reducing the risk of credential theft and misuse. Multiple clouds: You can create a workload identity pool for each external cloud, allowing applications from different environments to access your Google Cloud resources securely. Centralized management: WIF provides a centralized way to manage access to your Google Cloud resources, simplifying administration and improving security. Impersonation: By setting up a service account and adding an IAM binding for impersonation, you can allow external applications to act as the service account, granting them the necessary permissions to access your Google Cloud resources.
upvoted 4 times
...
yokoyan
2 months, 2 weeks ago
Selected Answer: A
I think it's A.
upvoted 1 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel