Topic 1 Question 97

Professional Cloud Security Engineer

Topic 1 Question 97
Your organization has implemented synchronization and SAML federation between Cloud Identity and Microsoft Active Directory. You want to reduce the risk of Google Cloud user accounts being compromised. What should you do?
- Create a Cloud Identity password policy with strong password settings, and configure 2-Step Verification with security keys in the Google Admin console.
- Create a Cloud Identity password policy with strong password settings, and configure 2-Step Verification with verification codes via text or phone call in the Google Admin console.
- Create an Active Directory domain password policy with strong password settings, and configure post-SSO (single sign-on) 2-Step Verification with security keys in the Google Admin console.
- Create an Active Directory domain password policy with strong password settings, and configure post-SSO (single sign-on) 2-Step Verification with verification codes via text or phone call in the Google Admin console.
解説
Reference: https://cloud.google.com/architecture/identity/federating-gcp-with-active-directory-introduction

ユーザの投票
コメント(6)
- 正解だと思う選択肢: C
  C：correct answer
  
  👍 4
  mT32022/05/18
- C is the answer because security key is securer than 2FA code
  
  👍 4
  szl01442022/05/23
- Answer C: "We recommend against using text messages. The National Institute of Standards and Technology (NIST) no longer recommends SMS-based 2SV due to the hijacking risk from state-sponsored entities."
  
  👍 3
  coco10k2022/10/31
シャッフルモード

解説

ユーザの投票

コメント(6)