Question 1

CASE STUDY: HealthData Corp

Overview: Healthcare SaaS managing 10PB of sensitive patient records and imaging.
Business: Strict HIPAA/SOC 2 compliance, ransomware protection, secure sharing of anonymized data with researchers, robust DR.
Executives:
- CEO: "Trust is our product. Zero tolerance for breaches."
- CFO: "Storage costs growing exponentially. Need lifecycle management."
- CISO: "Zero-trust architecture, end-to-end encryption."
Tech: RPO 15m, RTO 2h for core DB. All data CMEK encrypted. Strict access controls, audit logging. Prevent data exfiltration.
Constraints: Images retained 7 years but rarely accessed after 90 days. Researchers use external identities. No public IPs on compute.

To address the CFO's cost concerns and the ransomware protection requirement, how should you configure the Cloud Storage buckets for medical imaging?

Accepted Answer

Combine the feature that prevents accidental/malicious overwrites (Versioning) with the feature that reduces costs over time (Lifecycle policies).

Question 2

What mistakes do candidates make on this GCP PCA question?

Accepted Answer

Applying Coldline/Archive immediately (C). This incurs massive retrieval costs during the first 90 days when the data is actively used.

How to approach this question

Full Answer

Common mistakes

Practice the full GCP Professional Cloud Architect Practice Exam 4

More questions from this exam