Answer-first summary for fast verification
Answer: Enable Access Transparency logs with Access Approval requests for Google employees.
The question specifically addresses concerns about internal Google employee access to highly sensitive financial data. Option D (Enable Access Transparency logs with Access Approval requests for Google employees) directly addresses this concern by providing visibility into Google employee actions and requiring explicit approval for access. This is supported by the community consensus (87% selected D) and upvoted comments citing Google documentation. While A (customer-managed encryption keys) provides data encryption control, it doesn't specifically address Google employee access monitoring. B (IAM) manages customer-side access but not Google employee access. C (Admin activity logs) monitors customer admin actions, not Google employee access. Therefore, D is the optimal solution for the stated concern.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
As a security engineer at a financial company concerned about internal Google employee access to highly sensitive data stored on Google Cloud, what solution should you propose to address this risk?
A
Use customer-managed encryption keys.
B
Use Google's Identity and Access Management (IAM) service to manage access controls on Google Cloud.
C
Enable Admin activity logs to monitor access to resources.
D
Enable Access Transparency logs with Access Approval requests for Google employees.
No comments yet.