Topic 1 Question 46

Professional Cloud Network Engineer

Topic 1 Question 46
Your company has a security team that manages firewalls and SSL certificates. It also has a networking team that manages the networking resources. The networking team needs to be able to read firewall rules, but should not be able to create, modify, or delete them. How should you set up permissions for the networking team?
- Assign members of the networking team the compute.networkUser role.
- Assign members of the networking team the compute.networkAdmin role.
- Assign members of the networking team a custom role with only the compute.networks.* and the compute.firewalls.list permissions.
- Assign members of the networking team the compute.networkViewer role, and add the compute.networks.use permission.
解説
Reference: https://cloud.google.com/compute/docs/access/iam

ユーザの投票
コメント(17)
- Should be B: https://cloud.google.com/compute/docs/access/iam
  
  👍 14
  beebee2020/07/21
- "B" should be the correct answer
  
  https://cloud.google.com/compute/docs/access/iam#compute.networkAdmin
  
  "For example, if your company has a security team that manages firewalls and SSL certificates and a networking team that manages the rest of the networking resources, then grant this role to the networking team's group."
  
  👍 12
  terrain2020/07/21
- Should be B, https://cloud.google.com/compute/docs/access/iam#compute.networkAdmin
  
  roles/compute.networkAdmin
  
  Permissions compute.firewallPolicies.get compute.firewallPolicies.list compute.firewallPolicies.use compute.firewalls.get compute.firewalls.list
  
  👍 3
  pentium20002021/03/22
シャッフルモード

解説

ユーザの投票

コメント(17)