You are in charge of creating a new Google Cloud organization for your company. Which two actions should you take when creating the super administrator accounts? (Choose two.)
A.
Create an access level in the Google Admin console to prevent super admin from logging in to Google Cloud.
B.
Disable any Identity and Access Management (IAM) roles for super admin at the organization level in the Google Cloud Console.
C.
Use a physical token to secure the super admin credentials with multi-factor authentication (MFA).
D.
Use a private connection to create the super admin accounts to avoid sending your credentials over the Internet.
E.
Provide non-privileged identities to the super admin users for their day-to-day activities.
The super-admin users should not do their daily business as admin. Best practise is to use different accounts that only have limited rights (least privilleg).
C. Use a physical token to secure the super admin credentials with multi-factor authentication (MFA).
E. Provide non-privileged identities to the super admin users for their day-to-day activities.
CE is the answer.
https://cloud.google.com/resource-manager/docs/super-admin-best-practices#discourage_super_admin_account_usage
- Use a security key or other physical authentication device to enforce two-step verification
- Give super admins a separate account that requires a separate login
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Baburao
Highly Voted 2 years, 1 month agogkarthik1919
Most Recent 1 year, 1 month agoalleinallein
1 year, 6 months agoshanwford
6 months agosamuelmorher
1 year, 10 months agoAzureDP900
1 year, 11 months agoAwesomeGCP
2 years agozellck
2 years, 1 month agoAzureDP900
1 year, 11 months ago