
Answer-first summary for fast verification
Answer: Use Cloud Storage to comply with major data protection standards. Use multiple service accounts attached to IAM groups to grant the appropriate access to each group.
**Correct Answer: A**

Using multiple service accounts attached to IAM groups is a recommended practice for controlling access to Personally Identifiable Information (PII) in Google Cloud. This approach ensures that access to PII is restricted to only those who need it, and that access is controlled and audited effectively.

**Why other options are incorrect:**

- **B:** Assigning IAM roles to every employee can lead to over-privileged access and increase the risk of unauthorized access to PII. A single service account for all project resources lacks the necessary granularity and control.
- **C:** This option is too focused on Cloud SQL and does not address the broader need for managing access to PII in Cloud Storage. Separate service accounts for each user are cumbersome and inefficient.
- **D:** Sharing a single service account among all users does not provide the granularity and control needed for sensitive data. It's crucial to use multiple service accounts with IAM groups for appropriate access restrictions.
Author: LeetQuiz Editorial Team
In the banking industry, government regulations require the protection of clients' personally identifiable information (PII). Your company has policies that PII must be encrypted, access-controlled, and compliant with key data protection standards. You are using Cloud Data Loss Prevention (Cloud DLP) and want to follow Google's recommended practices by using service accounts to manage access to PII. What should you do?
- **A:** Use Cloud Storage to comply with major data protection standards. Use multiple service accounts attached to IAM groups to grant the appropriate access to each group.
- **B:** Assign the required Identity and Access Management (IAM) roles to every employee, and create a single service account to access project resources.
- **C:** Use one service account to access a Cloud SQL database, and use separate service accounts for each human user.
- **D:** Use Cloud Storage to comply with major data protection standards. Use one service account shared by all users.