Topic 8 Question 5
For this question, refer to the Dress4Win case study. You are responsible for the security of data stored in Cloud Storage for your company, Dress4Win. You have already created a set of Google Groups and assigned the appropriate users to those groups. You should use Google best practices and implement the simplest design to meet the requirements. Considering Dress4Win's business and technical requirements, what should you do?
Assign custom IAM roles to the Google Groups you created in order to enforce security requirements. Encrypt data with a customer-supplied encryption key when storing files in Cloud Storage.
Assign custom IAM roles to the Google Groups you created in order to enforce security requirements. Enable default storage encryption before storing files in Cloud Storage.
Assign predefined IAM roles to the Google Groups you created in order to enforce security requirements. Utilize Google's default encryption at rest when storing files in Cloud Storage.
Assign predefined IAM roles to the Google Groups you created in order to enforce security requirements. Ensure that the default Cloud KMS key is set before storing files in Cloud Storage.
γ³γ‘γ³γ(3)
C
"Google best practices and implement the simplest design to meet the requirements." Whenever question states to use google's best practice and keep it simple, always use predefined roles and cloud storage already provides encryption at rest.
π 4areza2021/06/11I would go for A, as custom IAM roles will gives the exact permissions you want rather than predefined one. For better encryption, customer supply key is better.
π 2Avi_mega2021/06/08correct answer is D, we need to set default KMS key for our bucket.
π 1Sukhi4fornet2022/12/20
γ·γ£γγγ«γ’γΌγ