Topic 1 Question 181
Your team is building an application for a financial institution. The application's frontend runs on Compute Engine, and the data resides in Cloud SQL and one Cloud Storage bucket. The application will collect data containing PII, which will be stored in the Cloud SQL database and the Cloud Storage bucket. You need to secure the PII data. What should you do?
- Create the relevant firewall rules to allow only the frontend to communicate with the Cloud SQL database
- Using IAM, allow only the frontend service account to access the Cloud Storage bucket
- Create the relevant firewall rules to allow only the frontend to communicate with the Cloud SQL database
- Enable private access to allow the frontend to access the Cloud Storage bucket privately
- Configure a private IP address for Cloud SQL
- Use VPC-SC to create a service perimeter
- Add the Cloud SQL database and the Cloud Storage bucket to the same service perimeter
- Configure a private IP address for Cloud SQL
- Use VPC-SC to create a service perimeter
- Add the Cloud SQL database and the Cloud Storage bucket to different service perimeters
ユーザの投票
コメント(4)
- 正解だと思う選択肢: C
Without using VPC-SC, the PII data is not secure from exfiltration. So that leaves only C, and D as possible valid responses. However, D can be eliminated because both the Cloud SQL instance and and Cloud Storage bucket must be within the same perimeter, which leaves C and the valid answer.
👍 5micoams2022/12/18 - 正解だと思う選択肢: C
Answer C
👍 3TNT872023/01/05 - 正解だと思う選択肢: C
C should be the correct answer instead.
👍 2zellck2023/01/07
シャッフルモード