Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Professional Cloud Security Engineer Exam - Topic 1 Question 105 Discussion

A company is running their webshop on Google Kubernetes Engine and wants to analyze customer transactions in BigQuery. You need to ensure that no credit card numbers are stored in BigQueryWhat should you do?
B) Use the Cloud Data Loss Prevention API to redact related infoTypes before data is ingested into BigQuery.
A) Create a BigQuery view with regular expressions matching credit card numbers to query and delete affected rows.
C) Leverage Security Command Center to scan for the assets of type Credit Card Number in BigQuery.
D) Enable Cloud Identity-Aware Proxy to filter out credit card numbers before storing the logs in BigQuery.

Google Professional Cloud Security Engineer Exam - Topic 1 Question 105 Discussion

Actual exam question for Google's Professional Cloud Security Engineer exam
Question #: 105
Topic #: 1
[All Professional Cloud Security Engineer Questions]

A company is running their webshop on Google Kubernetes Engine and wants to analyze customer transactions in BigQuery. You need to ensure that no credit card numbers are stored in BigQuery

What should you do?

Show Suggested Answer Hide Answer
Suggested Answer: B

https://cloud.google.com/bigquery/docs/scan-with-dlp

Cloud Data Loss Prevention API allows to detect and redact or remove sensitive data before the comments or reviews are published. Cloud DLP will read information from BigQuery, Cloud Storage or Datastore and scan it for sensitive data.


by Flo at Jul 14, 2025, 07:54 AM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Security Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Nan
5 months ago
Totally agree with B! DLP is essential for this.
upvoted 0 times
...
Cecil
6 months ago
Wait, can you really prevent credit card data from being ingested?
upvoted 0 times
...
Rolf
6 months ago
B is definitely the way to go!
upvoted 0 times
...
Carlee
6 months ago
I think A could work too, but it's not foolproof.
upvoted 0 times
...
Wei
6 months ago
C seems a bit overkill for this situation.
upvoted 0 times
...
Tanesha
6 months ago
I don't think enabling Cloud Identity-Aware Proxy would help with this specific issue. It seems more focused on access control rather than data redaction.
upvoted 0 times
...
Amalia
7 months ago
I feel like Security Command Center is more about monitoring than actually preventing sensitive data from being stored. Is that right?
upvoted 0 times
...
Ashanti
7 months ago
I'm not entirely sure, but I think creating a BigQuery view with regex might not be enough to prevent credit card numbers from being stored in the first place.
upvoted 0 times
...
Frank
7 months ago
I remember we discussed using the Cloud Data Loss Prevention API in class. It seems like a solid choice for redacting sensitive information.
upvoted 0 times
...
Victor
7 months ago
Option D with Cloud Identity-Aware Proxy sounds promising to filter out the sensitive data before it reaches BigQuery. I'll make sure to understand how that service works.
upvoted 0 times
...
Robt
7 months ago
Option C with Security Command Center could be a good way to scan for and identify any credit card numbers, but I'm not sure if that fully solves the problem of preventing them from being stored in the first place.
upvoted 0 times
...
Ivory
8 months ago
The regular expression approach in option A seems a bit risky to me. I'd rather use a more robust data protection service like the one in option B.
upvoted 0 times
...
Yvonne
8 months ago
Hmm, I'm not too familiar with the Cloud Data Loss Prevention API. I'll need to read up on that option to understand how it can help redact sensitive data.
upvoted 0 times
...
Cecil
8 months ago
This looks like a straightforward data security question. I'll focus on the key requirements - no credit card numbers in BigQuery and using the right Google Cloud services.
upvoted 0 times
...
Wilda
10 months ago
Option C with Security Command Center is an interesting idea, but I doubt it's the most efficient solution here. B is clearly the winner.
upvoted 0 times
...
Alana
10 months ago
Haha, option D made me chuckle. Filtering out credit card numbers with Cloud Identity-Aware Proxy? Sounds like a roundabout way to do it.
upvoted 0 times
Penney
9 months ago
C) Leverage Security Command Center to scan for the assets of type Credit Card Number in BigQuery.
upvoted 0 times
...
Bulah
9 months ago
B) Use the Cloud Data Loss Prevention API to redact related infoTypes before data is ingested into BigQuery.
upvoted 0 times
...
Willard
9 months ago
A) Create a BigQuery view with regular expressions matching credit card numbers to query and delete affected rows.
upvoted 0 times
...
...
Lelia
10 months ago
I think option C is the most efficient way to handle this situation.
upvoted 0 times
...
Alesia
10 months ago
I'm not sure, I think option A could also work if implemented correctly.
upvoted 0 times
...
Novella
10 months ago
I like how option B takes care of the problem proactively. Manually scanning and deleting rows with regex feels like a lot of work.
upvoted 0 times
Virgie
9 months ago
It definitely saves time compared to manually creating and deleting rows with regex.
upvoted 0 times
...
King
9 months ago
I agree, using the Cloud Data Loss Prevention API to redact infoTypes before ingestion is a proactive approach.
upvoted 0 times
...
Clare
10 months ago
User 3: Yeah, it's definitely better than manually scanning and deleting rows with regex.
upvoted 0 times
...
Antonio
10 months ago
Option B sounds like the best solution to prevent storing credit card numbers in BigQuery.
upvoted 0 times
...
Ty
10 months ago
User 2: I agree, using the Cloud Data Loss Prevention API seems like a proactive approach.
upvoted 0 times
...
Scarlet
10 months ago
User 1: Option B sounds like the best solution to me.
upvoted 0 times
...
...
Clay
11 months ago
I agree with Jesusa, using the Cloud Data Loss Prevention API sounds like the most secure option.
upvoted 0 times
...
Jesusa
11 months ago
I think option B is the best choice.
upvoted 0 times
...
Dorthy
11 months ago
Option B seems like the way to go. Using the Cloud Data Loss Prevention API to redact sensitive info like credit card numbers before ingesting into BigQuery is a no-brainer.
upvoted 0 times
Ettie
11 months ago
User 3: I think it's important to prioritize data security, especially when dealing with customer transactions.
upvoted 0 times
...
Karina
11 months ago
User 2: Agreed, that's a secure way to handle sensitive data.
upvoted 0 times
...
Crista
11 months ago
User 1: Option B seems like the way to go. Using the Cloud Data Loss Prevention API to redact sensitive info like credit card numbers before ingesting into BigQuery is a no-brainer.
upvoted 0 times
...
...

Save Cancel