PROFESSIONAL-CLOUD-DEVELOPER · Question #198
PROFESSIONAL-CLOUD-DEVELOPER Question #198: Real Exam Question with Answer & Explanation
The correct answer is C: 1. Configure a private IP address for Cloud SQL. Without using VPC-SC, the PII data is not secure from exfiltration. So that leaves only C, and D as possible valid responses. However, D can be eliminated because both the Cloud SQL instance and and Cloud Storage bucket must be within the same perimeter, which leaves C and the va
Question
Your team is building an application for a financial institution. The application's frontend runs on Compute Engine, and the data resides in Cloud SQL and one Cloud Storage bucket. The application will collect data containing PII, which will be stored in the Cloud SQL database and the Cloud Storage bucket. You need to secure the PII data. What should you do?
Options
- A1. Create the relevant firewall rules to allow only the frontend to communicate with the Cloud SQL
- B1. Create the relevant firewall rules to allow only the frontend to communicate with the Cloud SQL
- C1. Configure a private IP address for Cloud SQL
- D1. Configure a private IP address for Cloud SQL
Explanation
Without using VPC-SC, the PII data is not secure from exfiltration. So that leaves only C, and D as possible valid responses. However, D can be eliminated because both the Cloud SQL instance and and Cloud Storage bucket must be within the same perimeter, which leaves C and the valid answer.
Topics
Community Discussion
No community discussion yet for this question.