What should you do?
You are part of a security team that wants to ensure that a Cloud Storage bucket in Project A can only be readable from Project B. You also want to ensure that data in the Cloud Storage bucket cannot be accessed from or copied to Cloud Storage buckets outside the network, even if the user has the correct credentials.
What should you do?
A . Enable VPC Service Controls, create a perimeter with Project A and B, and include Cloud Storage service.
B . Enable Domain Restricted Sharing Organization Policy and Bucket Policy Only on the Cloud Storage bucket.
C . Enable Private Access in Project A and B networks with strict firewall rules to allow communication between the networks.
D . Enable VPC Peering between Project A and B networks with strict firewall rules to allow communication between the networks.
Answer: B
Explanation:
Reference: https://cloud.google.com/resource-manager/docs/organization-policy/restricting-domains
Latest Professional Cloud Security Engineer Dumps Valid Version with 93 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund