Answer-first summary for fast verification
Answer: Cloud Data Loss Prevention, VPC service-controls
Cloud Data Loss Prevention (DLP) is the recommended GCP service for transforming data to hide unnecessary PII, as it specializes in discovering, classifying, and masking sensitive information. VPC service-controls are advised for securing the work environment by establishing a secure perimeter around your resources, thus minimizing the risk of data exfiltration. These solutions align with the financial institution's compliance and scalability needs. Cloud Armor (A) is unsuitable as it provides DDoS protection, not data transformation or perimeter security. Cloud HSM (B) offers cryptographic key management, which is not directly relevant to the stated challenges. Network firewall rules (D) manage traffic within a VPC but lack the context-aware access control necessary for protecting sensitive data combinations in a multi-tenant environment.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
In your role as a Machine Learning Engineer at a large financial institution, you are tasked with developing a model that processes datasets containing Personally Identifiable Information (PII). The project requires you to address two critical challenges: (1) transforming the data to obscure unnecessary personal information without compromising the utility of the data for model training, and (2) securing the work environment to protect sensitive combinations of personal data that are essential for your model's accuracy. Given the institution's strict compliance requirements and the need for scalable solutions, which two Google Cloud Platform (GCP) services should you recommend to effectively address these challenges? (Choose two.)
A
Cloud Armor security policies
B
Cloud HSM
C
Cloud Data Loss Prevention
D
Network firewall rules
E
VPC service-controls