exam questions

Exam Professional Cloud Security Engineer All Questions

View all questions & answers for the Professional Cloud Security Engineer exam

Exam Professional Cloud Security Engineer topic 1 question 288 discussion

Actual exam question from Google's Professional Cloud Security Engineer
Question #: 288
Topic #: 1
[All Professional Cloud Security Engineer Questions]

Your organization is developing an application that will have both corporate and public end-users. You want to centrally manage those customers' identities and authorizations. Corporate end users must access the application by using their corporate user and domain name. What should you do?

  • A. Add the corporate and public end-user domains to domain restricted sharing on the organization.
  • B. Federate the customers' identity provider (IdP) with Workforce Identity Federation in your application's project.
  • C. Do nothing. Google Workspace identities will allow you to filter personal accounts and disable their access.
  • D. Use a customer identity and access management tool (CIAM) like Identity Platform.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
TibiMuhoho
1 week, 2 days ago
Selected Answer: D
Workforce Identity Federation is designed for managing external workforce identities, such as contractors or business partners, not public-facing end-users. Therefore, cannot be B.
upvoted 1 times
...
Pime13
1 week, 6 days ago
Selected Answer: D
Option B suggests federating the customers' identity provider (IdP) with Workforce Identity Federation in your application's project. While Workforce Identity Federation is a powerful tool for integrating external identity providers, it is primarily designed for managing access to Google Cloud resources by external identities, such as contractors or partners, rather than managing end-user identities for an application. Using a customer identity and access management tool (CIAM) like Identity Platform (Option D) is more appropriate because it is specifically designed to handle both corporate and public end-user identities. It provides features like multi-factor authentication, user management, and integration with various identity providers, making it a comprehensive solution for managing diverse user bases.
upvoted 1 times
...
BPzen
3 weeks, 3 days ago
Selected Answer: D
For an application serving both corporate and public end-users, a Customer Identity and Access Management (CIAM) solution is the best approach. Google Cloud Identity Platform provides the tools necessary to centrally manage user authentication and authorization while supporting both corporate and public users. B. Federate the customers' identity provider (IdP) with Workforce Identity Federation in your application's project. Workforce Identity Federation is intended for internal workforce users (employees, contractors) to access Google Cloud resources, not for managing application users. It does not support public users, making it unsuitable for this use case.
upvoted 1 times
...
nah99
3 weeks, 3 days ago
Selected Answer: D
Torn b/w B & D. B just doesn't address the public end users at all. Question seems poorly written (who are the customers..)
upvoted 1 times
...
KLei
1 month ago
Selected Answer: B
D is incorrect: the question specifically highlights the need for corporate users to access the application using their corporate user credentials, which is best addressed through Workforce Identity Federation.
upvoted 2 times
...
dv1
2 months ago
"the application will have both corporate AND PUBLIC END-USERS". This means that the solution applies to Identity Platform, therefore D.
upvoted 2 times
...
json4u
2 months, 1 week ago
Obviously it's D. - Identity Platform : A customer identity and access management (CIAM) platform that lets users sign in to your applications and services. This is ideal for users who want to be their own identity provider, or who need the enterprise-ready functionality Identity Platform provides. - Workforce Identity Federation : This is an IAM feature that lets you configure and secure granular access for your workforce—employees and partners—by federating identities from an external identity provider (IdP).
upvoted 2 times
...
brpjp
3 months ago
B is correct - By federating your customers' IdP with WIF, you can provide a seamless authentication experience for your users while maintaining control over identity and access management in your Google Cloud environment.
upvoted 3 times
...
yokoyan
3 months, 2 weeks ago
Selected Answer: B
I think it's B.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago