Explanation:
Option A is the correct answer because it maintains 2-Step Verification (2SV) protection throughout the recovery process by using backup codes as a temporary second factor, minimizing security risk. This approach is supported by Google's official documentation and community consensus, with 100% agreement in the discussion and high upvotes. Option B temporarily disables 2SV for all users, creating a broader security vulnerability. Option C disables 2SV for the individual account, leaving it temporarily unprotected. Option D involves a full credential reset, which is unnecessary and doesn't address the second factor issue directly, potentially increasing risk.
Ultimate access to all questions.
You are managing your company's identities in Google Cloud. The company enforces 2-Step Verification (2SV) for all users. A user has lost their second factor and needs their access reset. Your goal is to minimize risk. What should you do?
A
On the Google Admin console, select the appropriate user account, and generate a backup code to allow the user to sign in. Ask the user to update their second factor.
B
On the Google Admin console, temporarily disable the 2SV requirements for all users. Ask the user to log in and add their new second factor to their account. Re-enable the 2SV requirement for all users.
C
On the Google Admin console, select the appropriate user account, and temporarily disable 2SV for this account. Ask the user to update their second factor, and then re-enable 2SV for this account.
D
On the Google Admin console, use a super administrator account to reset the user account's credentials. Ask the user to update their credentials after their first login.
No comments yet.