Google Exam Professional-Cloud-Security-Engineer Topic 4 Question 29 Discussion

Actual exam question for Google's Professional Cloud Security Engineer exam

Question #: 29
Topic #: 4

[All Professional Cloud Security Engineer Questions]

You are part of a security team that wants to ensure that a Cloud Storage bucket in Project A can only be readable from Project B. You also want to ensure that data in the Cloud Storage bucket cannot be accessed from or copied to Cloud Storage buckets outside the network, even if the user has the correct credentials.

What should you do?

AEnable VPC Service Controls, create a perimeter with Project A and B, and include Cloud Storage service.

BEnable Domain Restricted Sharing Organization Policy and Bucket Policy Only on the Cloud Storage bucket.

CEnable Private Access in Project A and B networks with strict firewall rules to allow communication between the networks.

DEnable VPC Peering between Project A and B networks with strict firewall rules to allow communication between the networks.

Show Suggested Answer

Suggested Answer: B

https://cloud.google.com/resource-manager/docs/organization-policy/restricting-domains

by Merlyn at May 07, 2022, 10:55 PM

Limited Time Offer

25%

Off

Get Premium Professional-Cloud-Security-Engineer Questions as Interactive Web-Based Practice Test or PDF

Comments

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!