professional-cloud-security-engineer question 109 discussion

View all Professional Cloud Security Engineer here

Question 109

Your team wants to centrally manage GCP IAM permissions from their on-premises Active Directory Service. Your team
wants to manage permissions by AD group membership.
What should your team do to meet these requirements?

A. Set up Cloud Directory Sync to sync groups, and set IAM permissions on the groups.
B. Set up SAML 2.0 Single Sign-On (SSO), and assign IAM permissions to the groups.
C. Use the Cloud Identity and Access Management API to create groups and IAM permissions from Active Directory.
D. Use the Admin SDK to create groups and assign IAM permissions from Active Directory.

Answer:

Explanation:
Reference: https://cloud.google.com/blog/products/identity-security/using-your-existing-identity-management-system-with-
google-cloud-platform

User Votes:

A 1 votes

50%

B 1 votes

50%

Discussions

0 / 1000

Lakshmipriya

4 months, 3 weeks ago

Set up Cloud Directory Sync to sync groups, and set IAM permissions on the groups.

professional-cloud-security-engineer question 109 discussion

View all Professional Cloud Security Engineer here

View entire exam

Question 109

Answer:

User Votes: