Google Associate Cloud Engineer Exam - Topic 5 Question 59 Discussion

Actual exam question for Google's Associate Cloud Engineer exam

Question #: 59
Topic #: 5

[All Associate Cloud Engineer Questions]

Your management has asked an external auditor to review all the resources in a specific project. The security team has enabled the Organization Policy called Domain Restricted Sharing on the organization node by specifying only your Cloud Identity domain. You want the auditor to only be able to view, but not modify, the

resources in that project. What should you do?

AAsk the auditor for their Google account, and give them the Viewer role on the project.

BAsk the auditor for their Google account, and give them the Security Reviewer role on the project.

CCreate a temporary account for the auditor in Cloud Identity, and give that account the Viewer role on the project.

DCreate a temporary account for the auditor in Cloud Identity, and give that account the Security Reviewer role on the project.

Show Suggested Answer

Suggested Answer: A

by Tasia at Oct 23, 2022, 08:14 AM

Limited Time Offer

25%

Off

Get Premium Associate Cloud Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Christiane

4 months ago

Not sure about D, does the Security Reviewer role really fit here?

upvoted 0 times

...

Nakisha

4 months ago

C seems like a solid choice, keeps things secure.

upvoted 0 times

...

Elbert

4 months ago

Wait, can we really create a temporary account for them?

upvoted 0 times

...

Staci

4 months ago

I think B is better, Security Reviewer has more context.

upvoted 0 times

...

Leslie

4 months ago

Option A gives them the Viewer role, sounds good!

upvoted 0 times

...

Dalene

5 months ago

I’m leaning towards option A, giving the auditor the Viewer role, but I worry that might not align with the Domain Restricted Sharing policy we studied.

upvoted 0 times

...

Carmen

5 months ago

I practiced a similar question where we had to limit access, and I feel like creating a temporary account could be a good solution, but I’m unsure about the implications.

upvoted 0 times

...

Dan

5 months ago

I think the Security Reviewer role might be more appropriate since it’s specifically designed for auditing, but I can't recall the exact permissions it grants.

upvoted 0 times

...

Earnestine

5 months ago

I remember we discussed the importance of roles in access management, but I'm not sure if the Viewer role is the best choice here.

upvoted 0 times

...

Cathern

5 months ago

Okay, I've got this. The key is to remember the proper order - Scope, Selection, Edit, Validation, Activation. I'm confident I can nail this one.

upvoted 0 times

...

Shawna

5 months ago

This question reminds me of a practice scenario we did where the focus was on operational differences. Could it be that both A and B are right in some cases?

upvoted 0 times

...

Heidy

5 months ago

I'm a bit confused by all the different firewall options mentioned. I'll need to do some research to understand the differences and capabilities of each one before answering.

upvoted 0 times

...

Rosendo

5 months ago

Availability seems like the most important factor here. In a 24-hour webshop, customers need to be able to access the product pricing information whenever they want to make a purchase. Confidentiality and integrity are important, but availability is crucial for the business to function.

upvoted 0 times

...