Topic 1 Question 161
You are performing a monthly security check of your Google Cloud environment and want to know who has access to view data stored in your Google Cloud Project. What should you do?
Enable Audit Logs for all APIs that are related to data storage.
Review the IAM permissions for any role that allows for data access.
Review the Identity-Aware Proxy settings for each resource.
Create a Data Loss Prevention job.
解説
Reference: https://cloud.google.com/compute/docs/access
ユーザの投票
コメント(7)
- 正解だと思う選択肢: B
Only use audit logs to look at history (PAST) If you need current, up-to-date, info regarding permissions always go to IAM
👍 10JelloMan2022/05/27 - 正解だと思う選択肢: B
B is the one:
A. Enable Audit Logs for all APIs that are related to data storage. --> That is not the correct answer, if someone with permissions has not accessed or does not access, it will not be listed. B. Review the IAM permissions for any role that allows for data access. --> That's correct C. Review the Identity-Aware Proxy settings for each resource. --> Nothing relevant, Proxy? Is configured? The question don't ask or tell something about if it is configured. D. Create a Data Loss Prevention job. --> Data Loss Prevention nothing to see here.
👍 8Alejondri2022/05/10 - 正解だと思う選択肢: B
B is the one
👍 3Terzlightyear2022/05/08
シャッフルモード