
You have a Google Cloud organization with three folders: production, development, and networking. Networking resources are centrally managed in the networking folder. You have identified that projects in the production folder are attaching to Shared VPCs outside the networking folder, creating a potential data exfiltration risk. You must resolve this issue for the production folder without impacting the development folder, using the most efficient and least disruptive approach. What should you do?
A. Enable the Restrict Shared VPC Host Projects organization policy on the production folder. Create a custom rule and configure the policy type to Allow. In the Custom value section, enter under:folders/networking.
B. Enable the Restrict Shared VPC Host Projects organization policy on the networking folder only. Create a new custom rule and configure the policy type to Allow. In the Custom value section, enter under:organizations/123456739123.
C. Enable the Restrict Shared VPC Host Projects organization policy at the project level for each of the production projects. Create a custom rule and configure the policy type to Allow. In the Custom value section, enter under:folders/networking.
D. Enable the Restrict Shared VPC Host Projects organization policy at the organization level. Create a custom rule and configure the policy type to Allow. In the Custom value section, enter under:folders/networking.