Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: validbest

Discussions
  1. Home
  2. Discussions
  3. Google
  4. Google Cloud Certified
  5. Professional-Cloud-Security-Engineer Discussions
  6. Professional-Cloud-Security-Engineer Exam Topic 9 Question 83 Discussion
 Google Discussions
Exam Professional-Cloud-Security-Engineer All Questions
Exam Professional-Cloud-Security-Engineer All Questions

View all questions & answers for the Professional-Cloud-Security-Engineer exam

Go to Exam

Google Cloud Certified Professional-Cloud-Security-Engineer Question # 83 Topic 9 Discussion

Professional-Cloud-Security-Engineer Exam Topic 9 Question 83 Discussion:
Question #: 83
Topic #: 9

You plan to deploy your cloud infrastructure using a CI/CD cluster hosted on Compute Engine. You want to minimize the risk of its credentials being stolen by a third party. What should you do?
A.

Create a dedicated Cloud Identity user account for the cluster. Use a strong self-hosted vault solution to store the user's temporary credentials.

B.

Create a dedicated Cloud Identity user account for the cluster. Enable the constraints/iam.disableServiceAccountCreation organization policy at the project level.

C.

Create a custom service account for the cluster Enable the constraints/iam.disableServiceAccountKeyCreation organization policy at the project level.

D.

Create a custom service account for the cluster Enable the constraints/iam.allowServiceAccountCredentialLifetimeExtension organization policy at the project level.

Get Premium Professional-Cloud-Security-Engineer Questions
Actual exam question for Google Professional-Cloud-Security-Engineer exam by Jett768 at May 1, 2026, 3:48:22 PM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit