Answer-first summary for fast verification
Answer: Use a physical token to secure the super admin credentials with multi-factor authentication (MFA)., Provide non-privileged identities to the super admin users for their day-to-day activities.
The correct answers are C and E based on Google Cloud's super admin best practices and community consensus. Option C (using a physical token for MFA) enhances security by requiring strong authentication for super admin access, protecting against credential theft. Option E (providing non-privileged identities for day-to-day activities) follows the principle of least privilege, reducing the risk of accidental or malicious actions by ensuring super admins use separate, limited accounts for routine tasks. Option A is incorrect because the Google Admin console access level doesn't prevent super admin login to Google Cloud. Option B is incorrect because disabling IAM roles for super admin would render the account useless. Option D is incorrect because private connections don't inherently secure credentials and aren't a primary best practice for super admin setup.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
You are creating a new Google Cloud organization for your company. Which two actions should you take when setting up the super administrator accounts? (Choose two.)
A
Create an access level in the Google Admin console to prevent super admin from logging in to Google Cloud.
B
Disable any Identity and Access Management (IAM) roles for super admin at the organization level in the Google Cloud Console.
C
Use a physical token to secure the super admin credentials with multi-factor authentication (MFA).
D
Use a private connection to create the super admin accounts to avoid sending your credentials over the Internet.
E
Provide non-privileged identities to the super admin users for their day-to-day activities.