Crucial Exams

GCP Professional Cloud Security Engineer Practice Question

Your organization is rolling out Google Cloud across 6,000 employees. Security policy mandates that every human user must have multi-factor authentication before Google's upcoming deadline for mandatory 2-Step Verification (2SV). You need to (1) require 2SV for all users in the primary Cloud Identity domain, (2) give them a 30-day window to enroll so that day-to-day operations are not disrupted, and (3) ensure that existing service accounts and CI/CD automation continue to run without change. Which action will best satisfy these requirements?

  • Enable the Advanced Protection Program for every user so that physical security keys are immediately required.

  • Create an Organization Policy constraint that blocks logins unless the account has enrolled in 2SV, and apply it at the organization node.

  • Define an Access Context Manager access level that requires MFA and attach it to all services through a perimeter.

  • From the Google Admin console, set 2-Step Verification to "On - enforced" for the root organizational unit and configure a 30-day transition period before enforcement begins.

GCP Professional Cloud Security Engineer
Configuring Access
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot