Google Professional Cloud Architect
Get started today
Ultimate access to all questions.
Comments
Loading comments...
Ultimate access to all questions.
As a cloud architect at a financial institution, you are responsible for managing the storage of mortgage loan approval documents on Google Cloud Storage. The institution's compliance policy requires that once approval documents are uploaded, they cannot be deleted or modified for a minimum period of 5 years. Any changes to these documents must be made by uploading a new version as a separate file. How would you ensure that the documents cannot be deleted or overwritten for the next 5 years?
A
Create a retention policy on the bucket for the duration of 5 years. Create a lock on the retention policy.
B
Create the bucket with uniform bucket-level access, and grant a service account the role of Object Writer. Use the service account to upload new files.
C
Use a customer-managed key for the encryption of the bucket. Rotate the key after 5 years.
D
Create the bucket with fine-grained access control, and grant a service account the role of Object Writer. Use the service account to upload new files.