Hard · 1 mark · Multiple Choice
Subtask 3.1: Security Design · Security · Cloud Storage · VPC Service Controls · Compliance

GCP PCA · Question 39 · Security Design

A healthcare company is storing sensitive patient documents in Cloud Storage. To meet compliance requirements, they must ensure that access permissions are applied consistently at the bucket level (preventing individual objects from having public access), and they must prevent data from being downloaded to unauthorized networks. Which TWO security controls should you implement? (Select TWO)

Answer options:

A. Uniform bucket-level access

B. Cloud Armor

C. VPC Service Controls

D. Customer-Managed Encryption Keys (CMEK)

E. Identity-Aware Proxy (IAP)

How to approach this question

Identify the feature that disables object ACLs, and the feature that restricts network access to GCP APIs.

Full Answer

Uniform bucket-level access, VPC Service Controls
Uniform bucket-level access unifies and simplifies access control by disabling object-level ACLs, ensuring consistent IAM policies. VPC Service Controls mitigates data exfiltration risks by restricting API access to Cloud Storage based on network context (e.g., blocking access from the public internet).

Common mistakes

Selecting CMEK (D) assuming encryption solves all security problems, missing the specific requirement about network exfiltration.

Practice the full GCP Professional Cloud Architect Practice Exam 6
