Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Google Exam Professional Cloud Security Engineer Topic 1 Question 74 Discussion

Actual exam question for Google's Professional Cloud Security Engineer exam
Question #: 74
Topic #: 1
[All Professional Cloud Security Engineer Questions]

Your company's users access data in a BigQuery table. You want to ensure they can only access the data during working hours.

What should you do?

Show Suggested Answer Hide Answer
Suggested Answer: A

by Minna at Mar 17, 2024, 12:46 PM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Security Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Jenelle
6 months ago
I think option C could work too, assigning a BigQuery Data Viewer role to a service account that adds and removes users daily.
upvoted 0 times
...
Ty
6 months ago
I agree with Michal, option A sounds simpler and more straightforward.
upvoted 0 times
...
Tamar
6 months ago
I disagree, I believe option B is the best choice. Configuring Cloud Scheduler to trigger Cloud Functions seems more efficient.
upvoted 0 times
...
Michal
7 months ago
I think we should go with option A, assigning a BigQuery Data Viewer role along with a 1AM condition.
upvoted 0 times
...
Meaghan
7 months ago
But what if we need a more automated solution? Option B might be the way to go for that.
upvoted 0 times
...
Nohemi
7 months ago
I'm leaning towards option C. Assigning a BigQuery Data Viewer role to a service account that handles user management daily seems practical.
upvoted 0 times
...
Nickie
7 months ago
I disagree, I believe option B is more efficient. Using Cloud Scheduler to trigger Cloud Functions for policy modification is a better approach.
upvoted 0 times
...
Meaghan
7 months ago
I think option A is the best choice. Assigning a BigQuery Data Viewer role along with a time condition makes sense.
upvoted 0 times
...
Susy
8 months ago
Option D with the gsuttl script sounds interesting, but I'm not sure how reliable that would be. Imagine if someone forgets to run the script, then we'd have a security breach!
upvoted 0 times
...
Isadora
8 months ago
I'm leaning towards Option C. Using a service account to add and remove users daily during the specified hours seems like a simpler approach. Plus, we can easily manage the access that way.
upvoted 0 times
...
Alfred
8 months ago
I agree, Grover. Option A looks like it might work, but I'm not sure how to set up that 1AM condition. Option B sounds a bit complicated with the Cloud Functions and Scheduler.
upvoted 0 times
Raul
7 months ago
D) Run a gsuttl script that assigns a BigQuery Data Viewer role, and remove it only during the specified working hours.
upvoted 0 times
...
Talia
7 months ago
I think setting up that 1AM condition shouldn't be too difficult.
upvoted 0 times
...
Nichelle
8 months ago
A) Assign a BigQuery Data Viewer role along with an 1AM condition that limits the access to specified working hours.
upvoted 0 times
...
Maynard
8 months ago
That could work too, but it might be a manual process daily.
upvoted 0 times
...
Malcolm
8 months ago
C) Assign a BigQuery Data Viewer role to a service account that adds and removes the users daily during the specified working hours.
upvoted 0 times
...
Dulce
8 months ago
Option A seems like the easiest solution.
upvoted 0 times
...
Twanna
8 months ago
A) Assign a BigQuery Data Viewer role along with an 1AM condition that limits the access to specified working hours.
upvoted 0 times
...
...
Grover
8 months ago
You know, with all these options, I'm starting to feel like we're playing a game of 'Guess the Correct Answer'. I wish the question was a little more straightforward.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77