Google Associate Cloud Engineer

Get started today

Ultimate access to all questions.

Explanation:

The correct answer is B because the security team only needs visibility into the projects, and the project viewer role provides this access while adhering to the principle of least privilege.

Option A is incorrect because while the project owner role provides access, it does not follow the best practice of least privilege.
Option C is incorrect because the org admin role exceeds the necessary permissions and violates the principle of least privilege.
Option D is incorrect because it lacks the organization viewer access required to view the organization's projects.

For more details, refer to the GCP documentation on Organization & Project access control.

Explanation:

The correct answer is B because the security team only needs visibility into the projects, and the project viewer role provides this access while adhering to the principle of least privilege.

Option A is incorrect because while the project owner role provides access, it does not follow the best practice of least privilege.
Option C is incorrect because the org admin role exceeds the necessary permissions and violates the principle of least privilege.
Option D is incorrect because it lacks the organization viewer access required to view the organization's projects.

For more details, refer to the GCP documentation on Organization & Project access control.

Comments (0)

No comments yet.

Your customer is transitioning their corporate applications to Google Cloud Platform. The security team requires comprehensive visibility across all projects within the organization. After setting up Google Cloud Resource Manager and assigning yourself as the organization admin, which Google Cloud Identity and Access Management (Cloud IAM) roles should you assign to the security team to meet their needs?

Real Exam

Org viewer, project owner

17.8%

Org viewer, project viewer

55.6%

Org admin, project browser

17.8%

Project owner, network admin

8.9%