Answer-first summary for fast verification
Answer: Use Cloud Storage to comply with major data protection standards. Use multiple service accounts attached to IAM groups to grant the appropriate access to each group.
Option D is the most appropriate choice. Google Cloud Storage is designed to comply with major data protection standards, making it suitable for storing PII. Using multiple service accounts attached to IAM groups provides granular control over who has access to the data. This approach allows for more precise access management and adheres to the principle of least privilege, which is a key security best practice. While the question discusses the use of multiple service accounts in a way that is not typically recommended, in this context, it is a better solution than the alternatives as it offers more secure and manageable access control compared to the other options.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
Government regulations in the banking industry mandate the protection of clients' personally identifiable information (PII). This includes access control, encryption, and ensuring compliance with major data protection standards. Your company already utilizes Cloud Data Loss Prevention (Cloud DLP) to address some of these regulations. To further enhance PII protection and adhere to Google-recommended practices, what additional measures should you implement?
A
Assign the required Identity and Access Management (IAM) roles to every employee, and create a single service account to access project resources.
B
Use one service account to access a Cloud SQL database, and use separate service accounts for each human user.
C
Use Cloud Storage to comply with major data protection standards. Use one service account shared by all users.
D
Use Cloud Storage to comply with major data protection standards. Use multiple service accounts attached to IAM groups to grant the appropriate access to each group.
No comments yet.