Explanation:
The correct answer is D because reviewing IAM permissions is essential to determine who has read access to data in the production GCP project. IAM provides detailed access control and permission management for GCP resources, making it the most direct method to identify users with data access.
For more information, visit: Google Cloud IAM Documentation.
Ultimate access to all questions.
During a mock audit of your GCP environment by your security team at a large fin-tech company, they inquire about who can access data stored in the production GCP project. What is the most appropriate action to take?
A
Create a Data Loss Prevention job to identify sensitive data access.
B
Examine the Identity-Aware Proxy settings for each resource to understand access controls.
C
Enable Audit Logs for all APIs related to data storage to track activities.
D
Review the IAM permissions for every role that grants data access to identify users with read permissions.
No comments yet.