PROFESSIONAL-CLOUD-SECURITY-ENGINEER · Question #240
PROFESSIONAL-CLOUD-SECURITY-ENGINEER Question #240: Real Exam Question with Answer & Explanation
Sign in or unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER to reveal the answer and full explanation for question #240. The question stem and answer options stay visible for context.
Question
You manage one of your organization's Google Cloud projects (Project A). A VPC Service Control (SC) perimeter is blocking API access requests to this project, including Pub/Sub. A resource running under a service account in another project (Project B) needs to collect messages from a Pub/Sub topic in your project. Project B is not included in a VPC SC perimeter. You need to provide access from Project B to the Pub/Sub topic in Project A using the principle of least privilege. What should you do?
Options
- AConfigure an ingress policy for the perimeter in Project A, and allow access for the service
- BCreate an access level that allows a developer in Project B to subscribe to the Pub/Sub topic that
- CCreate a perimeter bridge between Project A and Project B to allow the required communication
- DRemove the Pub/Sub API from the list of restricted services in the perimeter configuration for
Unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER to see the answer
You've previewed enough free PROFESSIONAL-CLOUD-SECURITY-ENGINEER questions. Unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.