Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Exam Associate Cloud Engineer Topic 3 Question 74 Discussion

Actual exam question for Google's Associate Cloud Engineer exam
Question #: 74
Topic #: 3
[All Associate Cloud Engineer Questions]

You are performing a monthly security check of your Google Cloud environment and want to know who has access to view data stored in your Google Cloud

Project. What should you do?

Show Suggested Answer Hide Answer
Suggested Answer: A, E

Before you run the gcloud compute instances list command, you need to do two things: authenticate with your user account and set the default project for gcloud CLI.

To authenticate with your user account, you need to run gcloud auth login, enter your login credentials in the dialog window, and paste the received login token to gcloud CLI.This will authorize the gcloud CLI to access Google Cloud resources on your behalf1.

To set the default project for gcloud CLI, you need to run gcloud config set project $my_project, where $my_project is the ID of the project that contains the instances you want to list.This will save you from having to specify the project flag for every gcloud command2.

Option B is not recommended, because using a service account key increases the risk of credential leakage and misuse.It is also not necessary, because you can use your user account to authenticate to the gcloud CLI3. Option C is not correct, because there is no such thing as a Cloud Identity user account key.Cloud Identity is a service that provides identity and access management for Google Cloud users and groups4. Option D is not required, because the gcloud compute instances list command does not depend on the default zone. You can list instances from all zones or filter by a specific zone using the --filter flag.


1: https://cloud.google.com/sdk/docs/authorizing

2: https://cloud.google.com/sdk/gcloud/reference/config/set

3: https://cloud.google.com/iam/docs/best-practices-for-managing-service-account-keys

4: https://cloud.google.com/identity/docs/overview

: https://cloud.google.com/sdk/gcloud/reference/compute/instances/list

by Fausto at Dec 25, 2023, 05:53 AM

Limited Time Offer

25%

Off

Get Premium Associate Cloud Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Arlette
2 months ago
Hey, at least you're not the one in charge of the 'Data Disappearance Prevention' team. That's a tough gig!
upvoted 0 times
Lorean
12 days ago
C) Review the Identity-Aware Proxy settings for each resource.
upvoted 0 times
...
Ashley
13 days ago
B) Review the IAM permissions for any role that allows for data access.
upvoted 0 times
...
Zita
1 months ago
A) Enable Audit Logs for all APIs that are related to data storage.
upvoted 0 times
...
...
Precious
2 months ago
I'm a little confused. Why can't I just use Option C and review the Identity-Aware Proxy settings? That sounds like it would do the trick.
upvoted 0 times
Mabel
7 days ago
User1: True, having multiple layers of security checks is always a good idea.
upvoted 0 times
...
Maurine
9 days ago
User3: Enabling Audit Logs for data storage APIs is also a good practice to track access.
upvoted 0 times
...
Lorrie
11 days ago
User2: I agree with User1, it's crucial to check all roles that have access to data.
upvoted 0 times
...
Jennifer
1 months ago
User1: Option B is also important to review the IAM permissions for data access.
upvoted 0 times
...
...
Ezekiel
2 months ago
I believe enabling Audit Logs for data storage APIs is also important to track access.
upvoted 0 times
...
Omega
3 months ago
I agree with Arlyne, checking IAM permissions is crucial for security.
upvoted 0 times
...
Arlyne
3 months ago
I think we should review the IAM permissions for data access.
upvoted 0 times
...
Laura
3 months ago
D seems like the best choice. A Data Loss Prevention job can help you monitor and protect your data.
upvoted 0 times
Paz
1 months ago
D) Create a Data Loss Prevention job.
upvoted 0 times
...
Lashon
2 months ago
B) Review the IAM permissions for any role that allows for data access.
upvoted 0 times
...
Noble
2 months ago
D) Create a Data Loss Prevention job.
upvoted 0 times
...
Tamra
2 months ago
B) Review the IAM permissions for any role that allows for data access.
upvoted 0 times
...
...
Paulina
3 months ago
I believe enabling Audit Logs for data storage APIs is also important to track access.
upvoted 0 times
...
Xochitl
3 months ago
I agree with Marilynn, checking IAM permissions is crucial for security.
upvoted 0 times
...
Leah
3 months ago
I'm going with Option A. Enabling Audit Logs is a great way to track who's been accessing the data.
upvoted 0 times
Ezekiel
1 months ago
Definitely, it's important to have a comprehensive approach to data security.
upvoted 0 times
...
Brendan
1 months ago
We should also review IAM permissions to ensure only authorized users have access.
upvoted 0 times
...
Olga
2 months ago
I agree, enabling Audit Logs will help us monitor who has been viewing the data.
upvoted 0 times
...
Anastacia
2 months ago
Option A sounds like a good choice. It's important to track data access.
upvoted 0 times
...
...
Gayla
3 months ago
Option B looks like the right answer. Reviewing the IAM permissions is the way to go to see who has access to the data.
upvoted 0 times
...
Marilynn
3 months ago
I think we should review the IAM permissions for data access.
upvoted 0 times
...

Save Cancel