Google Exam Professional Cloud Security Engineer Topic 2 Question 53 Discussion

Actual exam question for Google's Professional Cloud Security Engineer exam

Question #: 53
Topic #: 2

[All Professional Cloud Security Engineer Questions]

You need to enforce a security policy in your Google Cloud organization that prevents users from exposing objects in their buckets externally. There are currently no buckets in your organization. Which solution should you implement proactively to achieve this goal with the least operational overhead?

ACreate an hourly cron job to run a Cloud Function that finds public buckets and makes them private.

BEnable the constraints/storage.publicAccessPrevention constraint at the organization level.

CEnable the constraints/storage.uniformBucketLevelAccess constraint at the organization level.

DCreate a VPC Service Controls perimeter that protects the storage.googleapis.com service in your projects that contains buckets. Add any new project that contains a bucket to the perimeter.

Show Suggested Answer

Suggested Answer: B

by Rickie at Sep 18, 2022, 01:22 AM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Security Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!