Google Exam Professional-Cloud-Security-Engineer Topic 1 Question 58 Discussion

Actual exam question for Google's Professional Cloud Security Engineer exam

Question #: 58
Topic #: 1

[All Professional Cloud Security Engineer Questions]

You have the following resource hierarchy. There is an organization policy at each node in the hierarchy as shown. Which load balancer types are denied in VPC A?

AAll load balancer types are denied in accordance with the global node's policy.

BINTERNAL_TCP_UDP, INTERNAL_HTTP_HTTPS is denied in accordance with the folder's policy.

CEXTERNAL_TCP_PROXY, EXTERNAL_SSL_PROXY are denied in accordance with the project's policy.

DEXTERNAL_TCP_PROXY, EXTERNAL_SSL_PROXY, INTERNAL_TCP_UDP, and INTERNAL_HTTP_HTTPS are denied in accordance with the folder and project's policies.

Show Suggested Answer

Suggested Answer: D

by Annmarie at Dec 28, 2022, 03:59 PM

Limited Time Offer

25%

Off

Get Premium Professional-Cloud-Security-Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Mahesh

1 years ago

Answer should be A. To specify where you want a deny policy to apply, you attach it to a project, folder, or organization. When a deny policy is attached to one of these resources, the principals in the policy can't use the specified permissions to access the resource, or any of the resource's descendants. https://cloud.google.com/iam/docs/deny-overview

upvoted 1 times

...