Practice free →
HomeGCP Professional Cloud Architectcloudcomputinggcppcasecurity › Which GCP design principle separates production …

Which GCP design principle separates production deploy permissions from production data-read permissions so no single person can both deploy AND read sensitive data?

ASeparation of duties (split IAM roles across distinct principals)
BDisabling audit logs
CGranting Owner to every engineer
DSharing one shared admin account across the team
Answer & Solution
Correct answer: A. Separation of duties (split IAM roles across distinct principals)
Separation of duties is a core GCP security design principle (per the exam guide §3.1). The other options collapse safeguards.
Solve this in the app — GCP Professional Cloud Architect practice & 24k+ MCQs →
Related questions