You are in charge of creating a new Google Cloud organization for your company. Which two actions should you take when creating the super administrator accounts? (Choose two.)
A.
Create an access level in the Google Admin console to prevent super admin from logging in to Google Cloud.
B.
Disable any Identity and Access Management (1AM) roles for super admin at the organization level in the Google Cloud Console.
C.
Use a physical token to secure the super admin credentials with multi-factor authentication (MFA).
D.
Use a private connection to create the super admin accounts to avoid sending your credentials over the Internet.
E.
Provide non-privileged identities to the super admin users for their day-to-day activities.
Physical Token for MFA: Implement multi-factor authentication (MFA) using physical tokens (such as security keys) for super admin accounts. This adds an extra layer of security to the highest privilege accounts.
Non-Privileged Identities: Provide super admins with separate non-privileged accounts for daily activities. This practice minimizes the risk associated with using highly privileged accounts for routine tasks.
Account Management: Ensure that super admin accounts are only used for tasks requiring elevated privileges, reducing exposure to potential security threats. These measures enhance the security of super admin accounts, protecting your Google Cloud organization from unauthorized access. References:
Google Cloud - Best Practices for Securing Cloud Identity
Google Cloud - Using Security Keys
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit