Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Exam Professional Cloud Security Engineer Topic 1 Question 87 Discussion

Actual exam question for Google's Professional Cloud Security Engineer exam
Question #: 87
Topic #: 1
[All Professional Cloud Security Engineer Questions]

Your Google Cloud environment has one organization node, one folder named Apps." and several projects within that folder The organizational node enforces the constraints/iam.allowedPolicyMemberDomains organization policy, which allows members from the terramearth.com organization The "Apps" folder enforces the constraints/iam.allowedPolicyMemberDomains organization policy, which allows members from the flowlogistic.com organization. It also has the inheritFromParent: false property.

You attempt to grant access to a project in the Apps folder to the user testuser@terramearth.com.

What is the result of your action and why?

Show Suggested Answer Hide Answer
Suggested Answer: A, C

https://cloud.google.com/architecture/framework/security/data-residency-sovereignty#manage_your_operational_sovereignty


by Gail at Sep 11, 2024, 02:33 AM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Security Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
German
9 days ago
Wait, did they just try to sneak in a 'constraints/iam.allowedPolicyMemberDomains' policy on me? Talk about a mouthful! I'll stick with Option B and keep my sanity.
upvoted 0 times
...
Ellen
10 days ago
Hold on, does this mean I can just bypass all the organization policies by adding users directly to the project? Seems a bit too good to be true. I better go with Option B to be safe.
upvoted 0 times
...
Temeka
10 days ago
Aha, I see what they're trying to do here! The 'Apps' folder has the inheritFromParent: false property, so the action should fail. Option B is the way to go.
upvoted 0 times
...
Francis
12 days ago
Hmm, I'm not sure about this one. The question seems a bit tricky, but I'm leaning towards Option B. Can't be too careful with those pesky organization policies!
upvoted 0 times
...
Nickolas
19 days ago
The policy in the 'Apps' folder doesn't allow members from the terramearth.com organization, so the action should fail. Option B is the correct answer.
upvoted 0 times
...
Garry
22 days ago
Wait, did they just try to sneak in a 'constraints/iam.allowedPolicyMemberDomains' policy on me? Talk about a mouthful! I'll stick with Option B and keep my sanity.
upvoted 0 times
...
Jess
2 months ago
Hold on, does this mean I can just bypass all the organization policies by adding users directly to the project? Seems a bit too good to be true. I better go with Option B to be safe.
upvoted 0 times
Colette
12 days ago
User 2: Yeah, I agree. Option B seems like the safest choice in this situation.
upvoted 0 times
...
Lyndia
13 days ago
User 1: I think you're right, it might be risky to bypass the organization policies.
upvoted 0 times
...
...
Christiane
2 months ago
Aha, I see what they're trying to do here! The 'Apps' folder has the inheritFromParent: false property, so the action should fail. Option B is the way to go.
upvoted 0 times
...
Darrin
2 months ago
Hmm, I'm not sure about this one. The question seems a bit tricky, but I'm leaning towards Option B. Can't be too careful with those pesky organization policies!
upvoted 0 times
...
Joanna
2 months ago
The policy in the 'Apps' folder doesn't allow members from the terramearth.com organization, so the action should fail. Option B is the correct answer.
upvoted 0 times
Rima
20 days ago
Option B is the correct answer then. Thanks for clarifying.
upvoted 0 times
...
Paris
25 days ago
So, the result of the action would be that it fails because only members from flowlogistic.com are allowed.
upvoted 0 times
...
German
27 days ago
Yes, you're right. The constraints/iam.allowedPolicyMemberDomains organization policy is in place for the 'Apps' folder.
upvoted 0 times
...
Pamella
29 days ago
I think the action fails because the policy in the 'Apps' folder only allows members from the flowlogistic.com organization.
upvoted 0 times
...
...
Katy
2 months ago
Hmm, that makes sense. I see your point now.
upvoted 0 times
...
Eden
2 months ago
I disagree, I believe the answer is D. All policies are inherited by underlying folders and projects.
upvoted 0 times
...
Katy
2 months ago
I think the answer is B. Only members from flowlogistic.com are allowed.
upvoted 0 times
...

Save Cancel