Google Associate Cloud Engineer

Get started today

Ultimate access to all questions.

Your company has provided every employee with a Google account. The operational team, responsible for managing a substantial number of instances on Compute Engine, requires administrative access to these servers. To meet security protocols, the security team mandates that the deployment of credentials should be efficient from an operational perspective and they must be capable of tracking who has accessed any given instance. How should this be implemented?

Exam-Like

Generate a new SSH key pair. Give the private key to each member of your team. Configure the public key in the metadata of each instance.

Ask each member of the team to generate a new SSH key pair and to send you their public key. Use a configuration management tool to deploy those keys on each instance.

Ask each member of the team to generate a new SSH key pair and to add the public key to their Google account. Grant the 'compute.osAdminLogin' role to the Google group corresponding to this team.

Generate a new SSH key pair. Give the private key to each member of your team. Configure the public key as a project-wide public SSH key in your Cloud Platform project and allow project-wide public SSH keys on each instance.

Explanation:

The correct answer is C. This option ensures that each team member generates their own SSH key pair and adds the public key to their Google account. By granting the 'compute.osAdminLogin' role to the Google group corresponding to this team, security is enhanced and operational efficiency is improved. This setup also allows precise tracking of which member accessed which instance, fulfilling the security team's requirement to determine who accessed a given instance.

Powered ByGPT-5.2

Comments

Loading comments...