You are migrating users to Google Cloud and need to mitigate the risk of cookie replay attacks for both Google web sessions and Google Cloud CLI SDK sessions on endpoint devices.

What should you do? (Choose two.)

Exam-Like

Last updated: December 8, 2025 at 14:04

Configure Google session control to a shorter duration.

Set an organizational policy for OAuth 2.0 access token with a shorter duration.

Set a reauthentication policy for Google Cloud services to a shorter duration.

Configure a third-party identity provider with session management.

Enforce Security Key Authentication with 2SV.

Google Professional Cloud Security Engineer