Topic 1 Question 256
Your organization has two VPC Service Controls service perimeters, Perimeter-A and Perimeter-B, in Google Cloud. You want to allow data to be copied from a Cloud Storage bucket in Perimeter-A to another Cloud Storage bucket in Perimeter-B. You must minimize exfiltration risk, only allow required connections, and follow the principle of least privilege. What should you do?
Configure a perimeter bridge between Perimeter-A and Perimeter-B, and specify the Cloud Storage buckets as the resources involved.
Configure a perimeter bridge between the projects hosting the Cloud Storage buckets in Perimeter-A and Perimeter-B.
Configure an egress rule for the Cloud Storage bucket in Perimeter-A and a corresponding ingress rule in Perimeter-B.
Configure a bidirectional egress/ingress rule for the Cloud Storage buckets in Perimeter-A and Perimeter-B.
ユーザの投票
コメント(11)
- 正解だと思う選択肢: C
It should be C, due to the offered granular control and principle of least priviledge
👍 4BB_norway2024/09/07 - 正解だと思う選択肢: A
I think B is too broad in scope.
👍 4d0fa7d52024/09/09 - 正解だと思う選択肢: C
C
👍 2BondleB2024/11/02
シャッフルモード