Showing Page:
1/69
Practice Test 1 - Results
All knowledge areas
All questions
Question 1:
You are the Cloud Security Manager at your company, and you want to review IAM users and
their assigned roles in the production GCP project. You want to follow Google recommended
practices. What should you do?
Check the output of gcloud iam roles list command.
(Incorrect)
Review the information in the IAM section for the production GCP project in Google
Cloud Console.
(Correct)
Review the information in the Roles section for the production GCP project in Google
Cloud Console.
Check the output of gcloud iam service-accounts list command.
Explanation
Requirements - verify users (i.e. IAM members) and roles.
Check the output of gcloud iam roles list command. is not right.
gcloud iam roles list lists the roles but does not list the users (i.e. IAM members)
Check the output of gcloud iam service-accounts list command. is not right.
gcloud iam service-accounts list lists the service accounts which are users (i.e. IAM members),
but it ignores other users that are not service accounts, e.g. users in GSuite domain, or groups
etc.
Review the information in the Roles section for the production GCP project in
Google Cloud Console. is not right.
This option allows us to review the roles but not users. See the screenshot below.
Showing Page:
2/69