Answer-first summary for fast verification
Answer: 1. Create a project with a Shared VPC and assign the Network Admin role to the networking team. 2. Create a second project without a VPC, configure it as a Shared VPC service project, and assign the Compute Admin role to the development team.
The correct answer is C. Using a Shared VPC allows the separation of duties between the networking and development teams while sharing network resources. The networking team is assigned the Network Admin role to manage the Shared VPC, while the development team is assigned the Compute Admin role in a service project, preventing them from accessing network resources. This setup ensures that the networking team cannot access the sensitive data on the Compute Engine instances managed by the development team and maintains centralized control over network resources.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
Your company has a networking team responsible for managing all network resources and a development team that runs applications on Compute Engine instances containing sensitive data. The development team requires administrative permissions for Compute Engine to manage their applications but does not want the networking team to have access to the sensitive data on these instances. How can you structure your projects and assign roles to meet these requirements while maintaining proper role separation and data security?
A
B
C
D