Which organization-level policy constraint should you enable?

Professional Cloud Security Engineer V2 0 Comments

You want to prevent users from accidentally deleting a Shared VPC host project.

Which organization-level policy constraint should you enable?
A . compute.restrictSharedVpcHostProjects
B . compute.restrictXpnProjectLienRemoval
C . compute.restrictSharedVpcSubnetworks
D . compute.sharedReservationsOwnerProjects

Answer: B

Explanation:

Reference: https://cloud.google.com/vpc/docs/provisioning-shared-vpc

https://cloud.google.com/resource-manager/docs/organization-policy/org-policy-constraints#constraints-for-specific-services

– constraints/compute.restrictXpnProjectLienRemoval

– Restrict shared VPC project lien removal

This boolean constraint restricts the set of users that can remove a Shared VPC host project lien without organization-level permission where this constraint is set to True.

By default, any user with the permission to update liens can remove a Shared VPC host project lien. Enforcing this constraint requires that permission be granted at the organization level.

Latest Professional Cloud Security Engineer Dumps Valid Version with 93 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download Professional Cloud Security Engineer PDF     Professional Cloud Security Engineer Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments