Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Exam Associate Cloud Engineer Topic 3 Question 74 Discussion

Actual exam question for Google's Associate Cloud Engineer exam
Question #: 74
Topic #: 3
[All Associate Cloud Engineer Questions]

You are performing a monthly security check of your Google Cloud environment and want to know who has access to view data stored in your Google Cloud

Project. What should you do?

Show Suggested Answer Hide Answer
Suggested Answer: A, E

Before you run the gcloud compute instances list command, you need to do two things: authenticate with your user account and set the default project for gcloud CLI.

To authenticate with your user account, you need to run gcloud auth login, enter your login credentials in the dialog window, and paste the received login token to gcloud CLI.This will authorize the gcloud CLI to access Google Cloud resources on your behalf1.

To set the default project for gcloud CLI, you need to run gcloud config set project $my_project, where $my_project is the ID of the project that contains the instances you want to list.This will save you from having to specify the project flag for every gcloud command2.

Option B is not recommended, because using a service account key increases the risk of credential leakage and misuse.It is also not necessary, because you can use your user account to authenticate to the gcloud CLI3. Option C is not correct, because there is no such thing as a Cloud Identity user account key.Cloud Identity is a service that provides identity and access management for Google Cloud users and groups4. Option D is not required, because the gcloud compute instances list command does not depend on the default zone. You can list instances from all zones or filter by a specific zone using the --filter flag.


1: https://cloud.google.com/sdk/docs/authorizing

2: https://cloud.google.com/sdk/gcloud/reference/config/set

3: https://cloud.google.com/iam/docs/best-practices-for-managing-service-account-keys

4: https://cloud.google.com/identity/docs/overview

: https://cloud.google.com/sdk/gcloud/reference/compute/instances/list

by Fausto at Dec 25, 2023, 05:53 AM

Limited Time Offer

25%

Off

Get Premium Associate Cloud Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Ezekiel
10 hours ago
I believe enabling Audit Logs for data storage APIs is also important to track access.
upvoted 0 times
...
Omega
2 days ago
I agree with Arlyne, checking IAM permissions is crucial for security.
upvoted 0 times
...
Arlyne
4 days ago
I think we should review the IAM permissions for data access.
upvoted 0 times
...
Laura
6 days ago
D seems like the best choice. A Data Loss Prevention job can help you monitor and protect your data.
upvoted 0 times
...
Paulina
7 days ago
I believe enabling Audit Logs for data storage APIs is also important to track access.
upvoted 0 times
...
Xochitl
9 days ago
I agree with Marilynn, checking IAM permissions is crucial for security.
upvoted 0 times
...
Leah
9 days ago
I'm going with Option A. Enabling Audit Logs is a great way to track who's been accessing the data.
upvoted 0 times
...
Gayla
11 days ago
Option B looks like the right answer. Reviewing the IAM permissions is the way to go to see who has access to the data.
upvoted 0 times
...
Marilynn
12 days ago
I think we should review the IAM permissions for data access.
upvoted 0 times
...

Save Cancel