Google Cloud Certified Associate Cloud Engineer Practice

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the Google Cloud Certified Associate Cloud Engineer Exam with this comprehensive quiz. Ace your test with multiple choice questions, detailed hints, and thorough explanations. Boost your confidence for success!

Start Multiple Choice Practice Test
Start Flash Cards

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

You have 3 Cloud Storage buckets that all store sensitive data. Which grantees should you audit to ensure that these buckets are not public?

  1. allUsers

  2. allAuthenticatedUsers

  3. publicUsers

  4. allUsers and allAuthenticatedUsers

The correct answer is: publicUsers

The most appropriate grantees to audit for ensuring that your Cloud Storage buckets are not publicly accessible are the entities associated with "allUsers" and "allAuthenticatedUsers." "allUsers" includes anyone on the internet, meaning that if this grantee is granted any permissions on your buckets, they can potentially access sensitive data from anywhere without authentication. This would make your data publicly accessible. On the other hand, "allAuthenticatedUsers" refers to anyone who has a Google account and is authenticated; while this doesn't allow access to the general public, it still poses a risk since any authenticated user could access your sensitive data if they have the appropriate permissions. Thus, to ensure that your Cloud Storage buckets containing sensitive data are not public, it is critical to review the permissions set for both "allUsers" and "allAuthenticatedUsers," making those the key grantees to focus on during the audit.

More Questions Like This