Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Professional Cloud Developer Exam - Topic 12 Question 96 Discussion

Actual exam question for Google's Professional Cloud Developer exam
Question #: 96
Topic #: 12
[All Professional Cloud Developer Questions]

You are developing a web application that contains private images and videos stored in a Cloud Storage bucket. Your users are anonymous and do not have Google Accounts. You want to use your application-specific logic to control access to the images and videos. How should you configure access?

Show Suggested Answer Hide Answer
Suggested Answer: C

by Wai at Sep 14, 2024, 10:39 PM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Developer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Noble
4 months ago
B is risky, granting allUsers access could lead to leaks.
upvoted 0 times
...
Mitsue
4 months ago
A is too complicated for this scenario, just keep it simple!
upvoted 0 times
...
Ty
4 months ago
Wait, can you really use signed URLs for anonymous users?
upvoted 0 times
...
Sang
4 months ago
I disagree, I think C is more robust with IAP.
upvoted 0 times
...
Antonio
5 months ago
Option D seems like the best choice for secure access.
upvoted 0 times
...
Melda
5 months ago
I vaguely recall something about caching IP addresses with Google Cloud Armor, but I don't think that's the right approach here. Option A seems off to me.
upvoted 0 times
...
Rochell
5 months ago
I feel like we practiced a similar question where we used Identity-Aware Proxy. Option C sounds familiar, but I'm not confident if it fits this scenario.
upvoted 0 times
...
Eugene
5 months ago
I'm not entirely sure, but I think granting the Storage Object Viewer role to allUsers in option B could expose the content too much.
upvoted 0 times
...
Shad
5 months ago
I remember we discussed the importance of keeping private content secure, so I think option D with signed URLs might be the best choice.
upvoted 0 times
...
Buck
5 months ago
I think option D with signed URLs sounds like the best approach to control access without relying on user accounts. I'll focus on understanding how to implement that properly.
upvoted 0 times
...
Coral
5 months ago
Hmm, I'm a bit confused by the different options. I'll need to review the details on IAP and signed URLs to understand the differences.
upvoted 0 times
...
Alecia
5 months ago
This seems like a tricky one. I'll need to think through the security implications of each approach carefully.
upvoted 0 times
...
Charisse
6 months ago
Option C with IAP seems like the most robust solution, but I'm not as familiar with that service. I'll need to research how to set it up for this use case.
upvoted 0 times
...
Reyes
6 months ago
I'm a little confused by the wording of the options. I know DIACAP is related to information system security, but I'm not sure I fully understand the concept of residual risk. I'll have to review my notes before answering this.
upvoted 0 times
...
Maile
10 months ago
Option C with IAP sounds fancy, but why overcomplicate things? D gets the job done without all the extra setup.
upvoted 0 times
Hyman
9 months ago
True, but sometimes simplicity is key when it comes to development.
upvoted 0 times
...
Wilda
10 months ago
But option C with IAP provides an extra layer of security.
upvoted 0 times
...
Tasia
10 months ago
I agree, option D seems like the simplest solution.
upvoted 0 times
...
...
Rutha
10 months ago
Haha, can you imagine trying to manage a big IP table? What is this, the 90s? D is the clear winner here.
upvoted 0 times
Ula
9 months ago
IAP authentication would add an extra layer of security to the application.
upvoted 0 times
...
Arletta
9 months ago
Signed URLs would definitely simplify things for users.
upvoted 0 times
...
Marta
9 months ago
Yeah, D seems like the most efficient option for controlling access.
upvoted 0 times
...
Rory
9 months ago
I agree, managing a big IP table sounds like a nightmare.
upvoted 0 times
...
...
Mona
10 months ago
I was thinking B might work, but requiring users to authenticate through the app first is a good call. Signed URLs are the way to go.
upvoted 0 times
Mattie
9 months ago
D) Generate a signed URL that grants read access to the bucket. Allow users to access the URL after authenticating through your web application.
upvoted 0 times
...
Ronald
9 months ago
B) Grant the Storage Object Viewer IAM role to allUsers. Allow users to access the bucket after authenticating through your web application.
upvoted 0 times
...
...
Desire
11 months ago
I agree, D seems the most straightforward approach. Keeping the authorization logic in our application makes it easier to manage and scale.
upvoted 0 times
Lillian
10 months ago
I agree, D seems the most straightforward approach. Keeping the authorization logic in our application makes it easier to manage and scale.
upvoted 0 times
...
Gretchen
10 months ago
C) Configure Identity-Aware Proxy (IAP) to authenticate users into the web application. Allow users to access the bucket after authenticating through IAP.
upvoted 0 times
...
Galen
10 months ago
D) Generate a signed URL that grants read access to the bucket. Allow users to access the URL after authenticating through your web application.
upvoted 0 times
...
...
Natalie
11 months ago
Option D looks like the best choice here. Generating a signed URL for the bucket allows us to control access without relying on Google Accounts or IP address caching.
upvoted 0 times
Kanisha
10 months ago
Option D does seem like a good choice. It provides a secure way to grant access to the bucket.
upvoted 0 times
...
Josphine
10 months ago
I'm not sure, I think option C with Identity-Aware Proxy could also be a good choice for authentication.
upvoted 0 times
...
Billye
10 months ago
Yeah, I agree. Using a signed URL seems like a secure way to manage access to the images and videos.
upvoted 0 times
...
Valda
11 months ago
I think option D is the way to go. It gives us control over access without needing Google Accounts.
upvoted 0 times
...
...
Kate
11 months ago
I'm not sure about option D. I think option C with Identity-Aware Proxy could also be a good solution for controlling access.
upvoted 0 times
...
Long
11 months ago
I agree with Hermila. Option D provides a secure way to grant access to the private images and videos.
upvoted 0 times
...
Hermila
11 months ago
I think option D is the best choice. It allows us to control access using our application-specific logic.
upvoted 0 times
...

Save Cancel