PROFESSIONAL-CLOUD-SECURITY-ENGINEER · Question #348
PROFESSIONAL-CLOUD-SECURITY-ENGINEER Question #348: Real Exam Question with Answer & Explanation
Sign in or unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER to reveal the answer and full explanation for question #348. The question stem and answer options stay visible for context.
Question
Your organization's application is being integrated with a partner application that requires read access to customer data to process customer orders. The customer data is stored in one of your Cloud Storage buckets. You have evaluated different options and determined that this activity requires the use of service account keys. You must advise the partner on how to minimize the risk of a compromised service account key causing a loss of data. What should you advise the partner to do?
Options
- AScan the Cloud Storage bucket with Sensitive Data Protection when new data is added, and
- BDefine a VPC Service Controls perimeter, and restrict the Cloud Storage API. Add an ingress rule
- CEnsure that all data for the application that is accessed through the relevant service accounts is
- DImplement a secret management service. Configure the service to frequently rotate the service
Unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER to see the answer
You've previewed enough free PROFESSIONAL-CLOUD-SECURITY-ENGINEER questions. Unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.