Answer-first summary for fast verification
Answer: Use SSO/SAML integration with Cloud Identity for user authentication and user lifecycle management., Provide granular access with predefined roles.
The question asks for two Google-recommended best practices for configuring authentication and authorization. Option D (Use SSO/SAML integration with Cloud Identity for user authentication and user lifecycle management) is optimal because it centralizes identity management, enhances security through single sign-on, and automates user provisioning/deprovisioning. Option E (Provide granular access with predefined roles) follows the principle of least privilege by granting only necessary permissions rather than broad basic roles, which is strongly recommended by Google's IAM documentation (as cited in the community discussion). Option A (Google default encryption) is unrelated to authentication/authorization. Option B (Manually add users) is inefficient and error-prone compared to automated identity management. Option C (Provision users with basic roles) violates least privilege principles as basic roles grant excessive permissions across all services.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
As a security administrator responsible for managing access controls on Google Cloud, which two Google-recommended best practices should you follow when configuring authentication and authorization?
A
Use Google default encryption.
B
Manually add users to Google Cloud.
C
Provision users with basic roles using Google's Identity and Access Management (IAM) service.
D
Use SSO/SAML integration with Cloud Identity for user authentication and user lifecycle management.
E
Provide granular access with predefined roles.
No comments yet.