Answer-first summary for fast verification
Answer: 1. Create a VPC Service Controls perimeter that includes the projects with the buckets. 2. Create an access level with the CIDR of the office network.
The correct answer is A. Creating a VPC Service Controls perimeter that includes the projects with the Cloud Storage buckets and creating an access level with the CIDR of the office network ensures that resources within the perimeter are accessed only from clients within authorized VPC networks. This effectively prevents data analysts from retrieving the data in the buckets from outside the office network, aligning with the security requirement to prevent data exfiltration.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
Your company stores highly sensitive data in Google Cloud Storage buckets, and data analysts have Identity Access Management (IAM) permissions to read from these buckets. To ensure security, you want to prevent data analysts from accessing the data in these buckets when they are not connected to the company's office network. How should you configure your Google Cloud environment to meet this requirement?
A
B
C
D