Topic 1 Question 76
Your company pushes batches of sensitive transaction data from its application server VMs to Cloud Pub/Sub for processing and storage. What is the Google- recommended way for your application to authenticate to the required Google Cloud services?
Ensure that VM service accounts are granted the appropriate Cloud Pub/Sub IAM roles.
Ensure that VM service accounts do not have access to Cloud Pub/Sub, and use VM access scopes to grant the appropriate Cloud Pub/Sub IAM roles.
Generate an OAuth2 access token for accessing Cloud Pub/Sub, encrypt it, and store it in Cloud Storage for access from each VM.
Create a gateway to Cloud Pub/Sub using a Cloud Function, and grant the Cloud Function service account the appropriate Cloud Pub/Sub IAM roles.
ユーザの投票
コメント(17)
Agree A
👍 25AWS562020/01/12It's because of questions like these that I do not feel guilty about using question banks :D In what world would you accept value requirements like this from your user? Wouldn't you ask "Do you want to just authenticate? or the data to be encrypted on its way to pub/sub?" I'll ignore the first part of the question and assume all data is sensitive, and focus on "What is the Google- recommended way for your application to authenticate to the required Google Cloud services?" -- The answer then is A.
Use encryption and defense-in-depth for the first part.
👍 8JustJack212021/09/04A. Ensure that VM service accounts are granted the appropriate Cloud Pub/Sub IAM roles.
👍 3victory1082021/05/19
シャッフルモード