Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Exam Professional Cloud Security Engineer Topic 4 Question 69 Discussion

Actual exam question for Google's Professional Cloud Security Engineer exam
Question #: 69
Topic #: 4
[All Professional Cloud Security Engineer Questions]

Your organization uses BigQuery to process highly sensitive, structured datasets. Following the "need to know" principle, you need to create the Identity and Access Management (IAM) design to meet the needs of these users:

* Business user must access curated reports.

* Data engineer: must administrate the data lifecycle in the platform.

* Security operator: must review user activity on the data platform.

What should you do?

Show Suggested Answer Hide Answer
Suggested Answer: C

This option directly addresses the needs of the business user who must access curated reports. By creating curated tables in a separate dataset, you can control access to specific data. Assigning the roles/bigquery.dataViewer role allows the business user to view the data in BigQuery.


by Jess at Dec 14, 2023, 12:02 PM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Security Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Florinda
11 months ago
I think option C is the way to go. It's the only one that really addresses all the requirements while maintaining the necessary security measures. Plus, it's the most straightforward solution - no need to get overly complex with things like row-level access control.
upvoted 0 times
...
Clemencia
11 months ago
Yeah, I'm leaning towards option C as well. The other options either involve too much risk or don't provide the level of control and granularity we need. I like how option C separates the datasets and assigns the appropriate roles.
upvoted 0 times
...
Laura
11 months ago
I agree with Janey. Option C seems like the most secure and user-friendly solution. Sending a CSV file to the business user's email would be a security risk, and the other options don't fully address the need-to-know principle.
upvoted 0 times
...
Janey
11 months ago
Hmm, this is a tricky question. I think the best approach is to go with option C. Creating curated tables in a separate dataset and assigning the role roles/bigquery.dataViewer seems like the most appropriate way to handle the requirement of the business user needing access to the reports.
upvoted 0 times
Tresa
10 months ago
Great, I think we have a good plan now with options C, D, and A.
upvoted 0 times
...
Cherry
10 months ago
Yes, that way they can review user activity on the platform.
upvoted 0 times
...
Nydia
10 months ago
That makes sense. And for the security operator, maybe option A for data access log?
upvoted 0 times
...
Nikita
10 months ago
For the data engineer, maybe we should go with option D for row-based access control.
upvoted 0 times
...
Stacey
10 months ago
But what about the data engineer and security operator requirements?
upvoted 0 times
...
Han
10 months ago
I agree, separating the curated tables seems like a good idea.
upvoted 0 times
...
Dong
10 months ago
Option C sounds like the best choice.
upvoted 0 times
...
...

Save Cancel