Google Professional Cloud Security Engineer

Get started today

Ultimate access to all questions.

Quick Answer

Answer-first summary for fast verification

Answer: Deploy an Assured Workloads environment in an approved region. Configure Access Approval for sensitive operations on patient data. Enable both Cloud Audit Logs and Access Transparency.

Option B is the correct answer because it directly addresses all three regulatory requirements: (1) Assured Workloads ensures data residency in approved regions, (2) Access Approval requires explicit approval for sensitive operations from designated personnel, and (3) Cloud Audit Logs and Access Transparency provide comprehensive audit trails for all access. The community discussion shows 100% consensus on B, with upvoted comments highlighting how it fulfills the strict regulatory requirements. Other options are less suitable: A uses standard regions without guaranteed compliance controls, C focuses on redundancy and network isolation but lacks explicit approval mechanisms, and D uses ACLs which are less comprehensive than the integrated compliance features in Assured Workloads.

Author: LeetQuiz Editorial Team

Quick Answer

Answer-first summary for fast verification

Answer: Deploy an Assured Workloads environment in an approved region. Configure Access Approval for sensitive operations on patient data. Enable both Cloud Audit Logs and Access Transparency.

Author: LeetQuiz Editorial Team

Comments (0)

No comments yet.

You are designing a Google Cloud environment for a healthcare provider that will store and process sensitive patient data. The solution must meet the following regulatory requirements:

Data must be stored only within designated geographic locations.

Specific administrative operations on patient data must require explicit approval from authorized compliance personnel.

All access to patient data must be logged for audit purposes.

What is the recommended approach to configure Google Cloud to fulfill these requirements?

Select a standard Google Cloud region. Restrict access to patient data based on user location and job function by using Access Context Manager. Enable both Cloud Audit Logging and Access Transparency.

Deploy an Assured Workloads environment in an approved region. Configure Access Approval for sensitive operations on patient data. Enable both Cloud Audit Logs and Access Transparency.

Deploy an Assured Workloads environment in multiple regions for redundancy. Utilize custom IAM roles with granular permissions. Isolate network-level data by using VPC Service Controls.

Select multiple standard Google Cloud regions for high availability. Implement Access Control Lists (ACLs) on individual storage objects containing patient data. Enable Cloud Audit Logs.