Topic 1 Question 223
After completing a security vulnerability assessment, you learned that cloud administrators leave Google Cloud CLI sessions open for days. You need to reduce the risk of attackers who might exploit these open sessions by setting these sessions to the minimum duration.
What should you do?
Set the session duration for the Google session control to one hour.
Set the reauthentication frequency for the Google Cloud Session Control to one hour.
Set the organization policy constraint constraints/iam.allowServiceAccountCredentialLifetimeExtension to one hour.
Set the organization policy constraint constraints/iam.serviceAccountKeyExpiryHours to one hour and inheritFromParent to false.
ユーザの投票
コメント(12)
- 正解だと思う選択肢: A
C,D serviceAccountKeyExpiryHours is for Service Account not human (users) - as in the question. B - reauthenticate it is not user frendly, to reautjhenticate user once every hour
So correct is A.
👍 3gcp4test2023/08/04 - 正解だと思う選択肢: B👍 3RuchiMishra2023/08/13
- 正解だと思う選択肢: B👍 3anshad6662023/08/25
シャッフルモード