Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us [email protected]
Menu

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
Google Discussions

Exam Associate Cloud Engineer topic 1 question 1 discussion

Actual exam question from Google's Associate Cloud Engineer
Question #: 1
Topic #: 1
[All Associate Cloud Engineer Questions]

Every employee of your company has a Google account. Your operational team needs to manage a large number of instances on Compute Engine. Each member of this team needs only administrative access to the servers. Your security team wants to ensure that the deployment of credentials is operationally efficient and must be able to determine who accessed a given instance. What should you do?

  • A. Generate a new SSH key pair. Give the private key to each member of your team. Configure the public key in the metadata of each instance.
  • B. Ask each member of the team to generate a new SSH key pair and to send you their public key. Use a configuration management tool to deploy those keys on each instance.
  • C. Ask each member of the team to generate a new SSH key pair and to add the public key to their Google account. Grant the ג€compute.osAdminLoginג€ role to the Google group corresponding to this team.
  • D. Generate a new SSH key pair. Give the private key to each member of your team. Configure the public key as a project-wide public SSH key in your Cloud Platform project and allow project-wide public SSH keys on each instance.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
Reference:
https://cloud.google.com/compute/docs/instances/adding-removing-ssh-keys
by zakhili at May 31, 2020, 9:40 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
dan80
Highly Voted 3 years, 10 months ago
C is correct - https://cloud.google.com/compute/docs/instances/managing-instance-access
upvoted 75 times
adedj99
3 years, 6 months ago
We recommend collecting users with the same responsibilities into groups and assigning IAM roles to the groups rather than to individual users. For example, you can create a "data scientist" group and assign appropriate roles to enable interaction with BigQuery and Cloud Storage. When a new data scientist joins your team, you can simply add them to the group and they will inherit the defined permissions. You can create and manage groups through the Admin Console.
upvoted 13 times
...
...
fapsirertu
Highly Voted 3 months ago
itexamstest.com C is Correct
upvoted 30 times
...
noopy
Most Recent 1 week, 1 day ago
Selected Answer: C
C is the most appropriate. In this option, each team member generates their own SSH key pair and adds the public key to their Google account. By granting the `compute.osAdminLogin` role to the corresponding Google group for this team, security is enhanced, and operational efficiency is improved. This setup also allows precise tracking of which member accessed which instance.
upvoted 1 times
...
keybin
2 weeks ago
Selected Answer: C
C is correct
upvoted 1 times
...
7b00725
3 weeks, 1 day ago
Selected Answer: C
C is Correct
upvoted 1 times
...
orlaanto
4 weeks, 1 day ago
I think It´s C. But for linux, It colud be D
upvoted 1 times
...
Srinu_007
1 month, 1 week ago
D is correct
upvoted 1 times
...
Viswanathan83
1 month, 3 weeks ago
C is correct
upvoted 1 times
...
pumajd
1 month, 4 weeks ago
Selected Answer: D
Because they need administrative access only on the machines
upvoted 1 times
...
Ele24
2 months ago
Selected Answer: C
C is Correct
upvoted 1 times
...
beginnercloud
2 months, 1 week ago
Selected Answer: C
C is correct
upvoted 1 times
...
SAMBIT
2 months, 3 weeks ago
https://cloud.google.com/compute/docs/oslogin/set-up-oslogin
upvoted 1 times
...
Abhi00754
3 months, 1 week ago
Selected Answer: B
javascript:void(0)
upvoted 1 times
...
nobuocom
3 months, 1 week ago
The access can be given adding SSH public key to GCE -> Metadata. Thus every instance will inherit the key. Furthermore, granting Compute OS Admin Login will also grant access. The question badly formulated, however the answer seems to be C.
upvoted 1 times
...
anuj7kaushik
3 months, 3 weeks ago
Selected Answer: C
its a bad practice to share pvt keys so answer should be C
upvoted 1 times
...
dgmon174
3 months, 3 weeks ago
The answer is C. The question says the security team "must be able to determine who accessed a given instance". If you give everyone the same key like D suggests you won't be able to know who's logged in when they're sharing the same key.
upvoted 2 times
...
MiscoMove
4 months, 1 week ago
Selected Answer: D
Should be C!
upvoted 1 times
...
Load full discussion...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel