Google Cloud Professional Cloud Security Engineer — Question 237

Your company plans to move most of its IT infrastructure to Google Cloud. They want to leverage their existing on-premises Active Directory as an identity provider for Google Cloud. Which two steps should you take to integrate the company's on-premises Active Directory with Google Cloud and configure access management? (Choose two.)

Answer options

• A. Use Identity Platform to provision users and groups to Google Cloud.
• B. Use Cloud Identity SAML integration to provision users and groups to Google Cloud.
• C. Install Google Cloud Directory Sync and connect it to Active Directory and Cloud Identity.
• D. Create Identity and Access Management (IAM) roles with permissions corresponding to each Active Directory group.
• E. Create Identity and Access Management (IAM) groups with permissions corresponding to each Active Directory group.

Correct answer: C, D

Explanation

The correct answer includes installing Google Cloud Directory Sync to connect Active Directory with Google Cloud, which allows for the synchronization of user data. Additionally, creating IAM roles that align with Active Directory groups ensures that permissions are appropriately assigned. Options A and B are not necessary for this integration, and option E does not address the role-based access management needed in this scenario.