Google Exam Professional-Cloud-Security-Engineer Topic 3 Question 89 Discussion

Actual exam question for Google's Professional Cloud Security Engineer exam

Question #: 89
Topic #: 3

[All Professional Cloud Security Engineer Questions]

Employees at your company use their personal computers to access your organization s Google Cloud console. You need to ensure that users can only access the Google Cloud console from their corporate-issued devices and verify that they have a valid enterprise certificate

What should you do?

AImplement an Identity and Access Management (1AM) conditional policy to verify the device certificate

BImplement a VPC firewall policy Activate packet inspection and create an allow rule to validate and verify the device certificate.

CImplement an organization policy to verify the certificate from the access context.

DImplement an Access Policy in BeyondCorp Enterprise to verify the device certificate Create an access binding with the access policy just created.

Show Suggested Answer

Suggested Answer: D

https://cloud.google.com/beyondcorp?hl=pt-br

by Francoise at Sep 16, 2024, 02:14 PM

Limited Time Offer

25%

Off

Get Premium Professional-Cloud-Security-Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Scarlet

7 days ago

I'm not sure, I think option D) Implement an Access Policy in BeyondCorp Enterprise might be a better choice. It seems more comprehensive in verifying the device certificate.

upvoted 0 times

...

Coral

8 days ago

I'm with Darnell on this one. Option B sounds like way too much work. Keep it simple, folks!

upvoted 0 times

...

Zana

11 days ago

I agree with Roxane. Option A sounds like the most secure way to ensure only corporate-issued devices can access the Google Cloud console.

upvoted 0 times

...

Roxane

19 days ago

I think we should go with option A) Implement an Identity and Access Management (1AM) conditional policy to verify the device certificate.

upvoted 0 times

...

Darnell

21 days ago

Haha, option B is a classic 'let's overcomplicate things' answer. Packet inspection? Really?

upvoted 0 times

...

Kasandra

24 days ago

Option A looks good to me. IAM conditional policies are super powerful for this kind of use case.

upvoted 0 times

...

Evangelina

26 days ago

I'd go with option C. Verifying the certificate from the access context seems like the straightforward approach.

upvoted 0 times

...

Lynelle

27 days ago

Definitely option D. BeyondCorp Enterprise is the way to go for verifying device certificates. Seems like the most comprehensive solution here.

upvoted 0 times

Ula

3 days ago

Yes, BeyondCorp Enterprise provides a strong security solution for ensuring that only corporate-issued devices with valid certificates can access the Google Cloud console.

upvoted 0 times

...

Charlesetta

20 days ago

I agree, option D with BeyondCorp Enterprise seems like the best choice for verifying device certificates.

upvoted 0 times

...