ExamTopics Logo
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud Architect All Questions

View all questions & answers for the Professional Cloud Architect exam
Go to Exam

Exam Professional Cloud Architect topic 1 question 165 discussion

Actual exam question from Google's Professional Cloud Architect
Question #: 165
Topic #: 1
[All Professional Cloud Architect Questions]

Your customer is moving their corporate applications to Google Cloud Platform. The security team wants detailed visibility of all projects in the organization. You provision the Google Cloud Resource Manager and set up yourself as the org admin.
What Google Cloud Identity and Access Management (Cloud IAM) roles should you give to the security team?

  • A. Org viewer, project owner
  • B. Org viewer, project viewer
  • C. Org admin, project browser
  • D. Project owner, network admin
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by Eroc at Oct. 23, 2019, 1:51 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
shandy
Highly Voted 4 years, 4 months ago
A is not correct because Project owner is too broad. The security team does not need to be able to make changes to projects. B is correct because:-Org viewer grants the security team permissions to view the organization's display name. -Project viewer grants the security team permissions to see the resources within projects. C is not correct because Org admin is too broad. The security team does not need to be able to make changes to the organization. D is not correct because Project owner is too broad. The security team does not need to be able to make changes to projects.
upvoted 32 times
Pr44
1 year, 3 months ago
I agree.
upvoted 1 times
...
...
Eroc
Highly Voted 4 years, 5 months ago
B is the best answer because according to Google documentation i is best to use predefined roles and give the every team the least amount of access. (https://cloud.google.com/iam/docs/using-iam-securely) The question states the security must be able to view things, and the viewer role allows just that.
upvoted 12 times
tartar
3 years, 8 months ago
B is ok
upvoted 6 times
...
...
Rajarshi_Bhattacharyya
Most Recent 2 months, 1 week ago
Selected Answer: B
B is correct
upvoted 1 times
...
tamj123
5 months, 3 weeks ago
B, security team want to have visibility to all the project, so viewer to Org and Project is sufficiency.
upvoted 1 times
...
surajkrishnamurthy
1 year, 4 months ago
Selected Answer: B
B is the correct answer
upvoted 1 times
...
allen_y_q_huang
1 year, 4 months ago
Agree B as security team does not need Project owner permission, but why need to grant project viewer after granting organization viewer?
upvoted 1 times
...
Nirca
1 year, 6 months ago
Selected Answer: B
B. Org viewer, project viewer!
upvoted 1 times
...
mahima123k
1 year, 9 months ago
Very similar question was presented on 15 July 2022 exam
upvoted 3 times
Bill76
1 year, 8 months ago
Are the 260 exam topic questions enough to pass the exam?
upvoted 3 times
...
...
methamode
1 year, 12 months ago
Selected Answer: B
B is the answer!
upvoted 1 times
...
Surls
2 years, 3 months ago
Selected Answer: B
B is correct
upvoted 1 times
...
vincy2202
2 years, 4 months ago
Selected Answer: B
B is the correct answer
upvoted 1 times
...
nqthien041292
2 years, 4 months ago
Selected Answer: B
Vote B
upvoted 1 times
...
mudot
2 years, 4 months ago
Selected Answer: B
A is not correct because Project owner is too broad. The security team does not need to be able to make changes to projects. B is correct because: -Organization viewer grants the security team permissions to view the organization's display name. -Project viewer grants the security team permissions to see the resources within projects. C is not correct because Organization Administrator is too broad. The security team does not need to be able to make changes to the organization. D is not correct because Project Owner is too broad. The security team does not need to be able to make changes to projects.
upvoted 2 times
...
bala786
2 years, 9 months ago
Option B is correct as per Least Privilege
upvoted 2 times
...
victory108
2 years, 11 months ago
B. Org viewer, project viewer
upvoted 2 times
...
un
2 years, 11 months ago
B is correct
upvoted 1 times
...
lynx256
3 years ago
B is ok
upvoted 1 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago