Your organization recently activated the Security Command Center (SCC) standard tier. There are a few Cloud Storage buckets that were accidentally made accessible to the public. You need to investigate the impact of the incident and remediate it.
What should you do?
A. 1. Remove the Identity and Access Management (IAM) granting access to all Users from the buckets.
2. Apply the organization policy storage.uniformBucketLevelAccess to prevent regressions.
3. Query the data access logs to report on unauthorized access.
B. 1. Change permissions to limit access for authorized users.
2. Enforce a VPC Service Controls perimeter around all the production projects to immediately stop any unauthorized access.
3. Review the administrator activity audit logs to report on any unauthorized access.
C. 1. Change the bucket permissions to limit access.
2. Query the bucket’s usage logs to report on unauthorized access to the data.
3. Enforce the organization policy storage.publicAccessPrevention to avoid regressions.
D. 1. Change bucket permissions to limit access.
2. Query the data access audit logs for any unauthorized access to the buckets.
3. After the misconfiguration is corrected, mute the finding in the Security Command Center.
Answer
C