PROFESSIONAL-CLOUD-SECURITY-ENGINEER · Question #322
PROFESSIONAL-CLOUD-SECURITY-ENGINEER Question #322: Real Exam Question with Answer & Explanation
Sign in or unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER to reveal the answer and full explanation for question #322. The question stem and answer options stay visible for context.
Question
You manage a Google Cloud organization with many projects located in various regions around the world. The projects are protected by the same Access Context Manager access policy. You created a new folder that will host two projects that process protected health information (PHI) for US-based customers. The two projects will be separately managed and require stricter protections. You are setting up the VPC Service Controls configuration for the new folder. You must ensure that only US-based personnel can access these projects and restrict Google Cloud API access to only BigQuery and Cloud Storage within these projects. What should you do?
Options
- A- Create a scoped access policy, add the new folder under "Select resources to include in the
- B- Enable Identity Aware Proxy in the new projects.
- C- Edit the organization-level access policy and add the new folder under "Select resources to
- D- Configure a Cloud Interconnect connection or a Virtual Private Network (VPN) between the on-
Unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER to see the answer
You've previewed enough free PROFESSIONAL-CLOUD-SECURITY-ENGINEER questions. Unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.