Exam4Training

How should your organization meet this requirement?

Your organization uses Active Directory to authenticate users. Users’ Google account access must be removed when their Active Directory account is terminated.

How should your organization meet this requirement?
A . Configure two-factor authentication in the Google domain
B . Remove the Google account from all IAM policies
C . Configure BeyondCorp and Identity-Aware Proxy in the Google domain
D . Configure single sign-on in the Google domain

Answer: D

Explanation:

Configure single sign-on in the Google domain

Single sign-on: Whenever a user needs to authenticate, Google Cloud delegates the authentication to Active Directory by using the Security Assertion Markup Language (SAML) protocol. This delegation ensures that only Active Directory manages user credentials and that any applicable policies or multi-factor authentication (MFA) mechanisms are being enforced. For a sign-on to succeed.

https://cloud.google.com/architecture/identity/federating-gcp-with-active-directory-introduction

Reference Link- https://cloud.google.com/architecture/identity/single-sign-on

Exit mobile version