Topic 1 Question 156
Your company has a Google Cloud project that uses BigQuery for data warehousing. They have a VPN tunnel between the on-premises environment and Google Cloud that is configured with Cloud VPN. The security team wants to avoid data exfiltration by malicious insiders, compromised code, and accidental oversharing. What should they do?
Configure Private Google Access for on-premises only.
Perform the following tasks: 1. Create a service account. 2. Give the BigQuery JobUser role and Storage Reader role to the service account. 3. Remove all other IAM access from the project.
Configure VPC Service Controls and configure Private Google Access.
Configure Private Google Access.
ユーザの投票
コメント(17)
Without the discussion this site would be useless, many thanks to all that participate. Majority of answers are wrong...
👍 51Craigenator2021/11/26C is the recommended one https://cloud.google.com/vpc-service-controls/docs/overview
👍 31diaga22021/09/08- 正解だと思う選択肢: C
Going by definition- VPC Service Controls improves your ability to mitigate the risk of data exfiltration from Google Cloud services such as Cloud Storage and BigQuery.
hence C is correct
👍 6nkit2022/04/23
シャッフルモード