Every employee of your company has a Google account. Your operational team needs to manage a large number of instances on Compute Engine. Each member of this team needs only administrative access to the servers. Your security team wants to ensure that the deployment of credentials is operationally efficient and must be able to determine who accessed a given instance. What should you do?
To manage a large number of instances and ensure operational efficiency while maintaining security, each team member should generate their own SSH key pair and add the public key to their Google account. By granting the 'compute.osAdminLogin' role to the Google group corresponding to the team, you utilize Google Cloud's IAM feature to manage permissions centrally. This approach allows easy addition and removal of team members and ensures each access can be accurately tracked to the respective individual thanks to IAM logging, meeting the security team's requirements.
C is correct - https://cloud.google.com/compute/docs/instances/managing-instance-access
We recommend collecting users with the same responsibilities into groups and assigning IAM roles to the groups rather than to individual users. For example, you can create a "data scientist" group and assign appropriate roles to enable interaction with BigQuery and Cloud Storage. When a new data scientist joins your team, you can simply add them to the group and they will inherit the defined permissions. You can create and manage groups through the Admin Console.
C is correct - https://shorter.me/GoogleCloudCertifiedAssociateCloudEngineer
Send private key to users is not safe, i think it's C
I am preparing for GCP Associate engineer exam. I was able to access 92 questions only, if anyone has the entire questions please share them to my <a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="e1808f808f858593808b80868e91808da1868c80888dcf828e8c">[email protected]</a> address. Thanks in advance!
Hi, Can you please also share on <a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="70021904150318131f14404430171d11191c5e131f1d">[email protected]</a>. Thanks !!
Hi! Could you share on <a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="c5a9b5a4b7a0afa4a4a2b0aca9a0b7a485a2a8a4aca9eba6aaa8">[email protected]</a>? Thanks in advance!!
Hi, Could you please share me the questions on <a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="1c727d7171692e2b252a5c7b717d7570327f7371">[email protected]</a>
Hi, is the exam questions still valid as of June 2024? Does most or all the questions coming from here? Thanks.
Hi, is the exam questions still valid as of June 2024? Does most or all the questions coming from here? Thanks.
C is the most appropriate. In this option, each team member generates their own SSH key pair and adds the public key to their Google account. By granting the `compute.osAdminLogin` role to the corresponding Google group for this team, security is enhanced, and operational efficiency is improved. This setup also allows precise tracking of which member accessed which instance.
Why in the world would I give the private key to each member of my team. The answer is C
D https://cloud.google.com/compute/docs/instances/adding-removing-ssh-keys
C is correct
C is Correct
I think It´s C. But for linux, It colud be D
D is correct
C is correct
Because they need administrative access only on the machines
C is Correct
C is correct
https://cloud.google.com/compute/docs/oslogin/set-up-oslogin
javascript:void(0)
The access can be given adding SSH public key to GCE -> Metadata. Thus every instance will inherit the key. Furthermore, granting Compute OS Admin Login will also grant access. The question badly formulated, however the answer seems to be C.