ExamTopics Logo
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud Security Engineer All Questions

View all questions & answers for the Professional Cloud Security Engineer exam
Go to Exam

Exam Professional Cloud Security Engineer topic 1 question 291 discussion

Actual exam question from Google's Professional Cloud Security Engineer
Question #: 291
Topic #: 1
[All Professional Cloud Security Engineer Questions]

Your organization шs using a third-party identity and authentication provider to centrally manage users. You want to use this identity provider to grant access to the Google Cloud console without syncing identities to Google Cloud. Users should receive permissions based on attributes. What should you do?

  • A. Configure the central identity provider as a workforce identity pool provider in Workforce Identity Federation. Create an attribute mapping by using the Common Expression Language (CEL).
  • B. Configure a periodic synchronization of relevant users and groups with attributes to Cloud Identity. Activate single sign-on by using the Security Assertion Markup Language (SAML).
  • C. Set up the Google Cloud Identity Platform. Configure an external authentication provider by using OpenID Connect and link user accounts based on attributes.
  • D. Activate external identities on the Identity-Aware Proxy. Use the Security Assertion Markup Language (SAML) to configure authentication based on attributes to the central authentication provider.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by yokoyan at Sept. 6, 2024, 1:54 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Pime13
4 months, 3 weeks ago
Selected Answer: A
https://cloud.google.com/iam/docs/workforce-identity-federation Workforce Identity Federation lets you use an external identity provider (IdP) to authenticate and authorize a workforce—a group of users, such as employees, partners, and contractors—using IAM, so that the users can access Google Cloud services. With Workforce Identity Federation you don't need to synchronize user identities from your existing IdP to Google Cloud identities, as you would with Cloud Identity's Google Cloud Directory Sync (GCDS). Workforce Identity Federation extends Google Cloud's identity capabilities to support syncless, attribute-based single sign on.
upvoted 1 times
...
MoAk
5 months ago
Selected Answer: A
A is good.
upvoted 1 times
...
3fd692e
5 months, 3 weeks ago
Selected Answer: A
Clearly A.
upvoted 1 times
...
yokoyan
7 months, 3 weeks ago
Selected Answer: A
I think it's A.
upvoted 4 times
json4u
6 months, 2 weeks ago
I was wrong. Correct answer is C.
upvoted 1 times
json4u
6 months, 2 weeks ago
I wish I could delete my reply. It's A obviously. https://cloud.google.com/iam/docs/workforce-identity-federation
upvoted 2 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago