Google Exam Professional Cloud Security Engineer Topic 3 Question 73 Discussion

Actual exam question for Google's Professional Cloud Security Engineer exam

Question #: 73
Topic #: 3

[All Professional Cloud Security Engineer Questions]

Your organization wants to be compliant with the General Data Protection Regulation (GDPR) on Google Cloud You must implement data residency and operational sovereignty in the EU.

What should you do?

Choose 2 answers

ALimit the physical location of a new resource with the Organization Policy Service resource locations
constraint.'

BUse Cloud IDS to get east-west and north-south traffic visibility in the EU to monitor intra-VPC and mter-VPC communication.

CLimit Google personnel access based on predefined attributes such as their citizenship or geographic location by using Key Access Justifications

DUse identity federation to limit access to Google Cloud resources from non-EU entities.

EUse VPC Flow Logs to monitor intra-VPC and inter-VPC traffic in the EU.

Show Suggested Answer

Suggested Answer: A, C

https://cloud.google.com/architecture/framework/security/data-residency-sovereignty#manage_your_operational_sovereignty

by Junita at Mar 07, 2024, 01:52 AM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Security Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Rozella

10 months ago

Using VPC Flow Logs to monitor traffic in the EU is also crucial for compliance with GDPR.

upvoted 0 times

...

Queenie

10 months ago

I agree with both of those options. It's important to ensure data residency and operational sovereignty in the EU.

upvoted 0 times

...

Lashaunda

11 months ago

Yes, that's a good start. We also need to use identity federation to limit access from non-EU entities.

upvoted 0 times

...

Helga

11 months ago

I think we should limit the physical location of resources with the Organization Policy Service constraint.

upvoted 0 times

...

Lilli

1 years ago

Yeah, I was thinking the same thing. Wouldn't it be better to use identity federation to limit access from non-EU entities? That seems more flexible and in line with GDPR principles.

upvoted 0 times

...

Alexia

1 years ago

Hmm, I'm not sure about the Key Access Justifications approach. Limiting access based on citizenship or geographic location sounds a bit too restrictive to me.

upvoted 0 times

...

Lonna

1 years ago

I agree. We need to make sure the physical location of our resources is limited to the EU, and we need to have visibility into the traffic within and between our VPCs to monitor compliance.

upvoted 0 times

...

Kyoko

1 years ago

This question seems to be testing our understanding of GDPR compliance on Google Cloud. The key requirements here are data residency and operational sovereignty in the EU.

upvoted 0 times

Whitney

12 months ago

E) Use VPC Flow Logs to monitor intra-VPC and inter-VPC traffic in the EU.

upvoted 0 times

...

Aretha

12 months ago

A) Limit the physical location of a new resource with the Organization Policy Service resource locations constraint.

upvoted 0 times

...