Google Professional Cloud Architect
Get started today
Ultimate access to all questions.
You are tasked with setting up secure storage for sensitive files in Google Cloud Storage for your organization. According to Google's best practices and simplest design principles, what is the best approach to enforce security requirements and utilize encryption for the stored files?
You are tasked with setting up secure storage for sensitive files in Google Cloud Storage for your organization. According to Google's best practices and simplest design principles, what is the best approach to enforce security requirements and utilize encryption for the stored files?
Explanation:
The correct answer is C. Google's best practices recommend using predefined IAM roles to manage access controls for simplicity and security. Additionally, leveraging Google’s default encryption at rest provides a straightforward and secure method for data encryption without needing to manage encryption keys manually. While custom roles and customer-supplied encryption keys offer more control, they also add complexity and are not necessary for most use cases when predefined solutions are available.