GCP PCA · Question 27 · Domain 3: Designing for Security and Compliance
You are designing the resource hierarchy for a large enterprise. The company has three main departments: HR, Finance, and Engineering. Each department has multiple environments (Dev, Test, Prod). You need to apply a policy that prevents the creation of external IP addresses for all Dev and Test environments across all departments. How should you structure the hierarchy?
Answer options:
Create Folders for HR, Finance, and Engineering at the top level. Create sub-folders for Dev, Test, and Prod. Apply the Organization Policy to every Dev and Test sub-folder.
Create Folders for Dev, Test, and Prod at the top level. Create sub-folders for HR, Finance, and Engineering. Apply the Organization Policy to the Dev and Test folders.
Apply the Organization Policy at the Organization node and use IAM conditions to exempt Prod.
Apply the policy at the Project level for every Dev and Test project.
50 questions · hints · full answers · grading
Expert