Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Professional Cloud Security Engineer Exam - Topic 3 Question 73 Discussion

Actual exam question for Google's Professional Cloud Security Engineer exam
Question #: 73
Topic #: 3
[All Professional Cloud Security Engineer Questions]

Your organization wants to be compliant with the General Data Protection Regulation (GDPR) on Google Cloud You must implement data residency and operational sovereignty in the EU.

What should you do?

Choose 2 answers

Show Suggested Answer Hide Answer
Suggested Answer: A, C

https://cloud.google.com/architecture/framework/security/data-residency-sovereignty#manage_your_operational_sovereignty


by Junita at Mar 07, 2024, 01:52 AM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Security Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Johnson
4 months ago
E is useful, but not a top priority for GDPR compliance.
upvoted 0 times
...
Otis
4 months ago
D makes sense, but is it really necessary?
upvoted 0 times
...
Jennifer
4 months ago
Surprised that limiting personnel access is an option!
upvoted 0 times
...
Glenna
4 months ago
I think B is also important for monitoring.
upvoted 0 times
...
Chanel
4 months ago
A and C are definitely the right choices!
upvoted 0 times
...
Domingo
5 months ago
I remember discussing VPC Flow Logs in class, but I’m not convinced they directly relate to data residency requirements.
upvoted 0 times
...
Marleen
5 months ago
I practiced a similar question where limiting access based on location was key, so I feel like D could be a good choice too.
upvoted 0 times
...
Clement
5 months ago
I'm not entirely sure about option C; it sounds relevant, but I can't remember if it's specifically for GDPR compliance.
upvoted 0 times
...
Cordelia
5 months ago
I think option A makes sense because we need to restrict where our data is stored to comply with GDPR.
upvoted 0 times
...
Olive
5 months ago
I think I've got a good handle on this. Limiting Google personnel access based on attributes like citizenship or location, and using identity federation to restrict non-EU access, should cover the main GDPR requirements for this scenario.
upvoted 0 times
...
Sherman
5 months ago
I'm a bit confused by some of the options here. What's the difference between using Cloud IDS and VPC Flow Logs? I'll need to research those a bit more to understand which one is better for this use case.
upvoted 0 times
...
Daniel
5 months ago
Okay, I've got this. Limiting the physical location of resources and using identity federation to restrict access from non-EU entities are the two key things I'd do to ensure data residency and sovereignty in the EU.
upvoted 0 times
...
Eleonora
5 months ago
Hmm, this is a tricky one. I'm not super familiar with GDPR compliance on Google Cloud. I'll need to carefully read through the options and see which ones seem most relevant to the requirements.
upvoted 0 times
...
Ben
5 months ago
This question seems straightforward, I think I can handle it. Let me think through the key requirements - data residency and operational sovereignty in the EU. I'll focus on options that address those directly.
upvoted 0 times
...
Kayleigh
5 months ago
I think this one is pretty straightforward. The auditor would issue a qualified opinion if there was a scope limitation or a material weakness in internal control, so the answer is C.
upvoted 0 times
...
Cristal
6 months ago
The resource breakdown structure is the way to go here. This type of diagram is specifically designed to visualize the resources that will be used in a project, so it's the best fit for this question.
upvoted 0 times
...
Twanna
6 months ago
Ah, I remember learning about this in class. Without IAM, you'd have to create separate AWS accounts for each employee or share login credentials, which is a security risk. IAM is the way to go here.
upvoted 0 times
...
Rozella
2 years ago
Using VPC Flow Logs to monitor traffic in the EU is also crucial for compliance with GDPR.
upvoted 0 times
...
Queenie
2 years ago
I agree with both of those options. It's important to ensure data residency and operational sovereignty in the EU.
upvoted 0 times
...
Lashaunda
2 years ago
Yes, that's a good start. We also need to use identity federation to limit access from non-EU entities.
upvoted 0 times
...
Helga
2 years ago
I think we should limit the physical location of resources with the Organization Policy Service constraint.
upvoted 0 times
...
Lilli
2 years ago
Yeah, I was thinking the same thing. Wouldn't it be better to use identity federation to limit access from non-EU entities? That seems more flexible and in line with GDPR principles.
upvoted 0 times
...
Alexia
2 years ago
Hmm, I'm not sure about the Key Access Justifications approach. Limiting access based on citizenship or geographic location sounds a bit too restrictive to me.
upvoted 0 times
...
Lonna
2 years ago
I agree. We need to make sure the physical location of our resources is limited to the EU, and we need to have visibility into the traffic within and between our VPCs to monitor compliance.
upvoted 0 times
...
Kyoko
2 years ago
This question seems to be testing our understanding of GDPR compliance on Google Cloud. The key requirements here are data residency and operational sovereignty in the EU.
upvoted 0 times
Whitney
2 years ago
E) Use VPC Flow Logs to monitor intra-VPC and inter-VPC traffic in the EU.
upvoted 0 times
...
Aretha
2 years ago
A) Limit the physical location of a new resource with the Organization Policy Service resource locations constraint.
upvoted 0 times
...
...

Save Cancel