Google Professional Data Engineer
Get started today
Ultimate access to all questions.
Government regulations in the banking industry mandate the protection of clients' personally identifiable information (PII). This includes access control, encryption, and ensuring compliance with major data protection standards. Your company already utilizes Cloud Data Loss Prevention (Cloud DLP) to address some of these regulations. To further enhance PII protection and adhere to Google-recommended practices, what additional measures should you implement?
Government regulations in the banking industry mandate the protection of clients' personally identifiable information (PII). This includes access control, encryption, and ensuring compliance with major data protection standards. Your company already utilizes Cloud Data Loss Prevention (Cloud DLP) to address some of these regulations. To further enhance PII protection and adhere to Google-recommended practices, what additional measures should you implement?
Explanation:
Option D is the most appropriate choice. Google Cloud Storage is designed to comply with major data protection standards, making it suitable for storing PII. Using multiple service accounts attached to IAM groups provides granular control over who has access to the data. This approach allows for more precise access management and adheres to the principle of least privilege, which is a key security best practice. While the question discusses the use of multiple service accounts in a way that is not typically recommended, in this context, it is a better solution than the alternatives as it offers more secure and manageable access control compared to the other options.