Google Cloud Professional Cloud Security Engineer — Question 214
You work at a company in a regulated industry and are responsible for ongoing security of the Cloud environment. You need to prevent and detect misconfigurations in a particular folder based on specific compliance policies. You need to adhere to industry-specific compliance policies and policies that are internal to your company. What should you do?
Answer options
- A. Create a Posture file by using custom and predefined SHA or organization policies. Enforce the posture on the folder level.
- B. Create custom organization policies that follow specific business requirements. Enforce the policies on the folder level.
- C. Enable Assured Workloads on the folder level, with the specific control bundle appropriate for your industry’s regulations.
- D. Use Workload Manager with custom Rego policies to continuously scan the environment for misconfigurations on the folder level.
Correct answer: A
Explanation
The correct answer is A because a Posture file can apply both custom and predefined policies at the folder level, ensuring compliance with industry regulations. Options B and C, while valid approaches, do not use the Posture file mechanism, which is essential for this scenario. Option D emphasizes continuous scanning but does not directly address the need for compliance-focused posture enforcement.