🔥 3-day streak
Professional Cloud Security Engineer89 / 152
Question 89 of 152

A security engineer at a financial services company is performing a quarterly access review. A data analyst was granted the roles/editor role on the analytics project six months ago, but audit logs show they have only ever read BigQuery datasets and viewed Cloud Storage objects. Leadership wants to enforce least privilege while avoiding disruption to the analyst's legitimate work. Which approach should the engineer use to most efficiently right-size this access based on actual usage?

Reviewed for accuracy · Report an issueNext question