PROFESSIONAL-CLOUD-SECURITY-ENGINEER Question #347: Real Exam Question with Answer & Explanation

Sign in or unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER to reveal the answer and full explanation for question #347. The question stem and answer options stay visible for context.

Submitted by diego_uy· Apr 18, 2026Configuring access within a cloud solution environment

Question

Your organization is migrating its primary web application from on-premises to Google Kubernetes Engine (GKE). You must advise the development team on how to grant their applications access to Google Cloud services from within GKE according to security recommended practices. What should you advise the development team to do?

Options

AConfigure the GKE nodes to use the default Compute Engine service account.
BEnable Workload Identity for GKE. Assign a Kubernetes service account to the application and
CCreate a user-managed service account with only the roles required for the specific workload.
DCreate an application-specific IAM service account and generate a user-managed service account

Unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER to see the answer

You've previewed enough free PROFESSIONAL-CLOUD-SECURITY-ENGINEER questions. Unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER - $49.99 / 30 days Sign in

Topics

#Workload Identity#GKE security#Identity and Access Management (IAM)#Service Accounts

Full PROFESSIONAL-CLOUD-SECURITY-ENGINEER Practice Browse All PROFESSIONAL-CLOUD-SECURITY-ENGINEER Questions