Question 1

A healthcare company is storing sensitive patient documents in Cloud Storage. To meet compliance requirements, they must ensure that access permissions are applied consistently at the bucket level (preventing individual objects from having public access), and they must prevent data from being downloaded to unauthorized networks. Which TWO security controls should you implement? (Select TWO)

Accepted Answer

Identify the feature that disables object ACLs, and the feature that restricts network access to GCP APIs.

Question 2

What mistakes do candidates make on this GCP PCA question?

Accepted Answer

Selecting CMEK (D) assuming encryption solves all security problems, missing the specific requirement about network exfiltration.

How to approach this question

Full Answer

Common mistakes

Practice the full GCP Professional Cloud Architect Practice Exam 6

More questions from this exam