Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

GCP Basics > Configuring access and security > Flashcards

Configuring access and security Flashcards

Section-5 (5 cards)

Start Studying
1
Q

You need to configure access to
Spanner from the GKE cluster that is
supporting Cymbal Superstore’s
ecommerce microservices application. You want to specify an account type to set the proper permissions.

What should you do?

A

A. Assign permissions to a Google account referenced by the application.
B. Assign permissions through a Google Workspace account referenced by the application.
C. Assign permissions through service account referenced by the application.
D. Assign permissions through a Cloud Identity account referenced by the application.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

You are trying to assign roles to the dev and
prod projects of Cymbal Superstore’s
e-commerce app but are receiving an error when you try to run set-iam policy. The projects are organized into an ecommerce folder in the Cymbal Superstore organizational
hierarchy. You want to follow best practices for the permissions you need while respecting the practice of least privilege.

What should you do?

A

A. Ask your administrator for
resourcemanager.projects.setIamPolicy roles for each project.
B. Ask your administrator for the
roles/resourcemanager.folderIamAdmin for the ecommerce folder.
C. Ask your administrator for the
roles/resourcemanager.organizationAdmin for Cymbal Superstore.
D. Ask your administrator for the
roles/iam.securityAdmin role in IAM.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

You have a custom role implemented for administration of the dev/test environment for Cymbal Superstore’s transportation management application. You are developing a
pilot to use Cloud Run instead of Cloud Run functions. You want to ensure your administrators have the correct access to the new resources.

What should you do?

A

A. Make the change to the custom role locally and run an update on the custom role.
B. Delete the custom role and recreate a new custom role with required permissions.
C. Copy the existing role, add the new
permissions to the copy, and delete the old role.
D. Create a new role with needed permissions and migrate users to it.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which of the scenarios below is an
example of a situation where you
should use a service account?

A

A. To directly access user data
B. For development environments
C. For interactive analysis
D. For individual GKE pods

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Cymbal Superstore is implementing a mobile app for end users to track deliveries that are en route to them. The app needs to access data
about truck location from Pub/Sub using Google recommended practices.

What kind of credentials should you use?

A

A. API key
B. OAuth 2.0 client
C. Environment provided service account
D. Service account key

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

GCP Basics (6 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions