An organization has had a data leak scare because one employee made a sensitive Cloud Storage bucket available to the public. Given the nature of the company’s business, it is understood that there is never any reason to give the public direct access to any file. The security head wants to ensure that such an event never occurs again.
How can you ensure this?
A . Remove Edit access rights of all Cloud Storage buckets so that no user can make any edits.
B. Set an organizational policy constraint to restrict bucket access set to the public.
C. Use Cloud Scheduler to run a job at a specified interval to scan buckets. Any public permissions can be programmatically changed.
D. Write Cloud Functions code connected to Cloud Storage. Any changes will be notified to
the function which can be used to reset the public access.
Answer: B
Explanation:
The straightforward way to set it is using Organizational Policy constraint. Any attempts to change the organizational setting will be rejected for any project and resource.
Graphical user interface, text, application, email
Description automatically generated
References link:
-> https://cloud.google.com/resource-manager/docs/organization-policy/overview -> https://cloud.google.com/resource-manager/docs/organization-policy/org-policy-constraints
Latest Cloud-Digital-Leader Dumps Valid Version with 40 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund