Topic 1 Question 222

Professional Cloud Security Engineer

Topic 1 Question 222
Your company recently published a security policy to minimize the usage of service account keys. On-premises Windows-based applications are interacting with Google Cloud APIs. You need to implement Workload Identity Federation (WIF) with your identity provider on-premises.

What should you do?
- Set up a workload identity pool with your corporate Active Directory Federation Service (ADFS). Configure a rule to let principals in the pool impersonate the Google Cloud service account.
- Set up a workload identity pool with your corporate Active Directory Federation Service (ADFS). Let all principals in the pool impersonate the Google Cloud service account.
- Set up a workload identity pool with an OpenID Connect (OIDC) service on the same machine. Configure a rule to let principals in the pool impersonate the Google Cloud service account.
- Set up a workload identity pool with an OpenID Connect (OIDC) service on the same machine. Let all principals in the pool impersonate the Google Cloud service account.
ユーザの投票
コメント(5)
- 正解だと思う選択肢: A
  A is correct
  
  👍 4
  akg0012023/08/12
- A. Set up a workload identity pool with your corporate Active Directory Federation Service (ADFS). Configure a rule to let principals in the pool impersonate the Google Cloud service account. This is the best option because it allows you to control who can impersonate the Google Cloud service account.
  
  👍 3
  Mithung302023/08/04
- 正解だと思う選択肢: A
  A is correct, B is also correct, but it causes chaos.
  
  👍 2
  cyberpunk212023/08/23
シャッフルモード

ユーザの投票

コメント(5)