Your organization uses BigQuery to manage highly sensitive, structured data and must adhere to the "need to know" principle. You need to design an Identity and Access Management (IAM) strategy to meet the requirements for the following roles:

Business User: Requires access to curated reports.

Data Engineer: Requires permissions to administer the data lifecycle on the platform.

Security Operator: Requires the ability to review user activity on the data platform.

What is the appropriate IAM configuration?*

Exam-Like

Configure data access log for BigQuery services, and grant Project Viewer role to security operator.

Set row-based access control based on the “region” column, and filter the record from the United States for data engineers.

Create curated tables in a separate dataset and assign the role roles/bigquery.dataViewer.

Generate a CSV data file based on the business user's needs, and send the data to their email addresses.

Google Professional Cloud Security Engineer