Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Exam Professional Cloud Security Engineer Topic 1 Question 87 Discussion

Actual exam question for Google's Professional Cloud Security Engineer exam
Question #: 87
Topic #: 1
[All Professional Cloud Security Engineer Questions]

Your Google Cloud environment has one organization node, one folder named Apps." and several projects within that folder The organizational node enforces the constraints/iam.allowedPolicyMemberDomains organization policy, which allows members from the terramearth.com organization The "Apps" folder enforces the constraints/iam.allowedPolicyMemberDomains organization policy, which allows members from the flowlogistic.com organization. It also has the inheritFromParent: false property.

You attempt to grant access to a project in the Apps folder to the user testuser@terramearth.com.

What is the result of your action and why?

Show Suggested Answer Hide Answer
Suggested Answer: A, C

https://cloud.google.com/architecture/framework/security/data-residency-sovereignty#manage_your_operational_sovereignty


by Gail at Sep 11, 2024, 02:33 AM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Security Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
German
2 months ago
Wait, did they just try to sneak in a 'constraints/iam.allowedPolicyMemberDomains' policy on me? Talk about a mouthful! I'll stick with Option B and keep my sanity.
upvoted 0 times
...
Ellen
2 months ago
Hold on, does this mean I can just bypass all the organization policies by adding users directly to the project? Seems a bit too good to be true. I better go with Option B to be safe.
upvoted 0 times
...
Temeka
2 months ago
Aha, I see what they're trying to do here! The 'Apps' folder has the inheritFromParent: false property, so the action should fail. Option B is the way to go.
upvoted 0 times
Garry
20 days ago
Exactly, that's why option B is the correct answer.
upvoted 0 times
...
Audry
1 months ago
Yeah, you're right. The inheritFromParent property is set to false, so the action won't succeed.
upvoted 0 times
...
Carisa
1 months ago
I think the action fails because the 'Apps' folder only allows members from the flowlogistic.com organization.
upvoted 0 times
...
...
Francis
2 months ago
Hmm, I'm not sure about this one. The question seems a bit tricky, but I'm leaning towards Option B. Can't be too careful with those pesky organization policies!
upvoted 0 times
Stevie
11 days ago
Let's review the policies together to make sure we're on the right track.
upvoted 0 times
...
Pearly
26 days ago
I'm not so sure, maybe we should double-check the policies before making any changes.
upvoted 0 times
...
Rosita
28 days ago
Yeah, I agree. It's better to be cautious with these things.
upvoted 0 times
...
Rikki
1 months ago
I think Option B is correct. Those organization policies can be strict.
upvoted 0 times
...
...
Nickolas
2 months ago
The policy in the 'Apps' folder doesn't allow members from the terramearth.com organization, so the action should fail. Option B is the correct answer.
upvoted 0 times
...
Garry
2 months ago
Wait, did they just try to sneak in a 'constraints/iam.allowedPolicyMemberDomains' policy on me? Talk about a mouthful! I'll stick with Option B and keep my sanity.
upvoted 0 times
Chun
28 days ago
Definitely sticking with Option B, better safe than sorry with those constraints.
upvoted 0 times
...
Dulce
1 months ago
Yeah, Option B is the way to go. Can't risk messing with those policies.
upvoted 0 times
...
Alverta
2 months ago
I agree, that policy name is a mouthful! Option B seems like the safest choice.
upvoted 0 times
...
...
Jess
3 months ago
Hold on, does this mean I can just bypass all the organization policies by adding users directly to the project? Seems a bit too good to be true. I better go with Option B to be safe.
upvoted 0 times
Colette
2 months ago
User 2: Yeah, I agree. Option B seems like the safest choice in this situation.
upvoted 0 times
...
Lyndia
2 months ago
User 1: I think you're right, it might be risky to bypass the organization policies.
upvoted 0 times
...
...
Christiane
3 months ago
Aha, I see what they're trying to do here! The 'Apps' folder has the inheritFromParent: false property, so the action should fail. Option B is the way to go.
upvoted 0 times
...
Darrin
3 months ago
Hmm, I'm not sure about this one. The question seems a bit tricky, but I'm leaning towards Option B. Can't be too careful with those pesky organization policies!
upvoted 0 times
...
Joanna
3 months ago
The policy in the 'Apps' folder doesn't allow members from the terramearth.com organization, so the action should fail. Option B is the correct answer.
upvoted 0 times
Rima
2 months ago
Option B is the correct answer then. Thanks for clarifying.
upvoted 0 times
...
Paris
2 months ago
So, the result of the action would be that it fails because only members from flowlogistic.com are allowed.
upvoted 0 times
...
German
2 months ago
Yes, you're right. The constraints/iam.allowedPolicyMemberDomains organization policy is in place for the 'Apps' folder.
upvoted 0 times
...
Pamella
3 months ago
I think the action fails because the policy in the 'Apps' folder only allows members from the flowlogistic.com organization.
upvoted 0 times
...
...
Katy
3 months ago
Hmm, that makes sense. I see your point now.
upvoted 0 times
...
Eden
4 months ago
I disagree, I believe the answer is D. All policies are inherited by underlying folders and projects.
upvoted 0 times
...
Katy
4 months ago
I think the answer is B. Only members from flowlogistic.com are allowed.
upvoted 0 times
...

Save Cancel