ExamTopics Logo
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud Security Engineer All Questions

View all questions & answers for the Professional Cloud Security Engineer exam
Go to Exam

Exam Professional Cloud Security Engineer topic 1 question 286 discussion

Actual exam question from Google's Professional Cloud Security Engineer
Question #: 286
Topic #: 1
[All Professional Cloud Security Engineer Questions]

Your application development team is releasing a new critical feature. To complete their final testing, they requested 10 thousand real transaction records. The new feature includes format checking on the primary account number (PAN) of a credit card. You must support the request and minimize the risk of unintended personally identifiable information (PII) exposure. What should you do?

  • A. Run the new application by using Confidential Computing to ensure PII and card PAN is encrypted in use.
  • B. Scan and redact PII from the records by using the Cloud Data Loss Prevention API. Perform format-preserving encryption on the card PAN.
  • C. Encrypt the records by using Cloud Key Management Service to protect the PII and card PAN.
  • D. Build a tool to replace the card PAN and PII fields with randomly generated values.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by yokoyan at Sept. 6, 2024, 1:50 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Pime13
4 months, 3 weeks ago
Selected Answer: B
https://cloud.google.com/architecture/de-identification-re-identification-pii-using-cloud-dlp https://cloud.google.com/blog/products/identity-security/taking-charge-of-your-data-using-cloud-dlp-to-de-identify-and-obfuscate-sensitive-information. Using the Cloud Data Loss Prevention (DLP) API to scan and redact PII, combined with format-preserving encryption, directly addresses the need to protect sensitive data while maintaining the necessary format for testing. This ensures that the development team can perform their tests without exposing real PII.
upvoted 1 times
...
KLei
5 months, 1 week ago
Selected Answer: B
A (Confidential Computing) may not directly address the need to redact and protect PII before testing.
upvoted 1 times
...
dat987
6 months, 2 weeks ago
Selected Answer: B
I think B
upvoted 1 times
...
koo_kai
6 months, 2 weeks ago
Selected Answer: B
format check
upvoted 2 times
json4u
6 months, 2 weeks ago
B can preserving the format for testing purposes while ensuring that the actual data remains protected. But, A doesn't address the issue of storing or sharing PII securely for testing.
upvoted 1 times
...
...
brpjp
7 months, 1 week ago
Answer B is correct. A - is missing this requirement - The new feature includes format checking on the primary account number (PAN) of a credit card. By encrypting you will not preserve the format.
upvoted 4 times
...
Ponchi14
7 months, 3 weeks ago
Selected Answer: A
A is correct. Redacting PII beats the purposed of using real transaction records
upvoted 1 times
KLei
5 months, 1 week ago
real tx doesn't mean real PAN
upvoted 1 times
...
...
yokoyan
7 months, 3 weeks ago
Selected Answer: A
I think it's A.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago