CASE STUDY: HealthSecure. 50M patient records. Legacy mainframe, on-prem SAN (100TB), .NET portal. Req: Modernize portal, secure hospital sharing, fast audits. CEO: Modern UX. CFO: Automate audits. CISO: Zero breaches. Tech: HIPAA, CMEK, audit logging, API gateway, DR (1h RPO/4h RTO). Constraints: No public DB IPs, Dev/Ops separation, US data only, mainframe stays on-prem via VPN.
To meet the 1-hour RPO and 4-hour RTO for the modernized portal database, which architecture should you implement?
GCP PCA · Question 17 · Domain 2: Managing and Provisioning a Solution Infrastructure
CASE STUDY: HealthSecure. 50M patient records. Legacy mainframe, on-prem SAN (100TB), .NET portal. Req: Modernize portal, secure hospital sharing, fast audits. CEO: Modern UX. CFO: Automate audits. CISO: Zero breaches. Tech: HIPAA, CMEK, audit logging, API gateway, DR (1h RPO/4h RTO). Constraints: No public DB IPs, Dev/Ops separation, US data only, mainframe stays on-prem via VPN.
Which service should you use to implement the API gateway for secure data sharing with partner hospitals?
Answer options:
Cloud Endpoints
Apigee
Cloud NAT
Identity-Aware Proxy (IAP)
50 questions · hints · full answers · grading
Expert