Free Google Cloud-Digital-Leader Actual Exam Questions - Question 13 Discussion

Probably D, since it reduces risk by limiting access to only what's needed.

B imo, because restricting on-premises software access with special permission also reflects limiting access, but it’s less relevant to cloud specifically compared to D’s focus on job-based cloud resource access.

Maybe D. It’s really about making sure people only get what they need to do their tasks, no more. That way, even if someone’s credentials get compromised, the damage is limited. A and B don’t make much sense because least privilege isn’t about who controls access or on-premises stuff specifically. C sounds off since it’s about roles, not just managers. So D fits best in practice by minimizing unnecessary access and reducing risk.

I’m thinking A and B don’t fit since Google managing access or on-prem permissions don’t align with least privilege principles. Does the model apply differently for admins, or is it consistent across all users?

D, because it narrows access based on job roles, not just seniority or location.

Probably D. The key idea behind least privilege is limiting each user’s access strictly to what they need for their job, nothing extra. That way, even if someone’s credentials get compromised, the damage is contained. The other options don’t really fit—A puts responsibility on Google, which isn’t the point, B talks about on-prem software which is unrelated, and C limits access only to senior staff, which isn’t how least privilege works. It’s about role-based access, not hierarchy. So D makes the most sense here.

Makes sense to pick D since least privilege minimizes risk by restricting access strictly to what’s needed, no matter the role. It’s about limiting exposure, not just who’s senior or on-prem. D

Option D makes the most sense since limiting access strictly to what's needed reduces risk if accounts get compromised. That’s key for security in the cloud.