Hard · 1 mark · Multiple Choice
Subtask 3.1: Security Design · Security · IAM · Best Practices

GCP PCA · Question 43 · Security Design

You are designing the IAM hierarchy for a new GCP organization. Following Google's best practices for security and manageability, which THREE principles should you apply? (Select THREE)

Answer options:

A. Assign roles to Google Groups rather than individual users

B. Apply the principle of least privilege using predefined roles

C. Use Folders to group projects by department or environment

D. Grant the 'Owner' role to all senior developers

E. Use Custom Roles for every single permission to ensure maximum security

F. Apply all IAM policies directly at the resource level (e.g., individual VMs)

How to approach this question

Select the standard enterprise IAM best practices recommended by Google Cloud.

Full Answer

A. Assign roles to Google Groups rather than individual users
B. Apply the principle of least privilege using predefined roles
C. Use Folders to group projects by department or environment

Google Cloud IAM best practices dictate: 1) Use Groups (so IT just adds/removes users from a group), 2) Use predefined roles for least privilege (avoiding the broad Basic roles like Editor/Owner), and 3) Use the Resource Hierarchy (Organization -> Folders -> Projects) to inherit policies cleanly.

Common mistakes

Choosing Custom Roles (E). While useful, they require manual maintenance when Google adds new features, so predefined roles are preferred.
