ExamTopics Logo
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud Security Engineer All Questions

View all questions & answers for the Professional Cloud Security Engineer exam
Go to Exam

Exam Professional Cloud Security Engineer topic 1 question 275 discussion

Actual exam question from Google's Professional Cloud Security Engineer
Question #: 275
Topic #: 1
[All Professional Cloud Security Engineer Questions]

Your organization is migrating business critical applications to Google Cloud across multiple projects. You only have the required IAM permission at the Google Cloud organization level. You want to grant project access to support engineers from two partner organizations using their existing identity provider (IdP) credentials. What should you do?

  • A. Create two single sign-on (SSO) profiles for the internal and partner IdPs by using SSO for Cloud Identity.
  • B. Create users manually by using the Google Cloud console. Assign the users to groups.
  • C. Create two workforce identity pools for the partner IdPs.
  • D. Sync user identities from their existing IdPs to Cloud Identity by using Google Cloud Directory Sync (GCDS).
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by yokoyan at Sept. 6, 2024, 1:41 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
jmaquino
5 months, 3 weeks ago
Selected Answer: C
Workforce Identity Federation lets you use an external identity provider (IdP) to authenticate and authorize a workforce—a group of users, such as employees, partners, and contractors—using IAM, so that the users can access Google Cloud services. With Workforce Identity Federation you don't need to synchronize user identities from your existing IdP to Google Cloud identities, as you would with Cloud Identity's Google Cloud Directory Sync (GCDS). Workforce Identity Federation extends Google Cloud's identity capabilities to support syncless, attribute-based single sign on.
upvoted 2 times
...
3fd692e
5 months, 3 weeks ago
Selected Answer: C
Classic workforce identity use-case because the question references outside identity providers. You wouldn't use GCDS in this scenario.
upvoted 1 times
...
json4u
6 months, 2 weeks ago
Answer is C. This case shows well when to use Work Force Federation.
upvoted 2 times
json4u
6 months, 2 weeks ago
I meant Workforce Identity Federation :)
upvoted 2 times
...
...
dat987
6 months, 2 weeks ago
Selected Answer: C
Answer is C
upvoted 3 times
...
yokoyan
7 months, 3 weeks ago
Selected Answer: D
I think it's D.
upvoted 2 times
yokoyan
5 months ago
not D. C is correct.
upvoted 1 times
...
KLei
5 months, 1 week ago
Google Cloud Directory Sync (GCDS typically applies to syncing users from on-premises directories to Google Workspace
upvoted 2 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago