Google Cloud Professional Cloud Security Engineer — Question 345

Your organization is developing an application that will have both corporate and public end-users. You want to centrally manage those customers' identities and authorizations. Corporate end users must access the application by using their corporate user and domain name. What should you do?

Answer options

• A. Add the corporate and public end-user domains to domain restricted sharing on the organization.
• B. Federate the customers' identity provider (IdP) with Workforce Identity Federation in your application's project.
• C. Do nothing. Google Workspace identities will allow you to filter personal accounts and disable their access.
• D. Use a customer identity and access management tool (CIAM) like Identity Platform.

Correct answer: D

Explanation

The correct answer, D, is appropriate because a customer identity and access management tool like Identity Platform is specifically designed for managing user identities and access for both corporate and public users. Option A is incorrect because simply adding domains does not provide the necessary identity management. Option B may not be relevant as it focuses on federating with an IdP, which isn’t the primary concern here. Option C is wrong because it assumes that Google Workspace identities alone can manage access effectively, which is not sufficient for the diverse user base.