Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud Security Engineer All Questions

View all questions & answers for the Professional Cloud Security Engineer exam
Go to Exam

Exam Professional Cloud Security Engineer topic 1 question 307 discussion

Actual exam question from Google's Professional Cloud Security Engineer
Question #: 307
Topic #: 1
[All Professional Cloud Security Engineer Questions]

Your organization is developing a sophisticated machine learning (ML) model to predict customer behavior for targeted marketing campaigns. The BigQuery dataset used for training includes sensitive personal information. You must design the security controls around the AI/ML pipeline. Data privacy must be maintained throughout the model’s lifecycle and you must ensure that personal data is not used in the training process. Additionally, you must restrict access to the dataset to an authorized subset of people only. What should you do?

  • A. De-identify sensitive data before model training by using Cloud Data Loss Prevention (DLP)APIs. and implement strict Identity and Access Management (IAM) policies to control access to BigQuery.
  • B. Implement Identity-Aware Proxy to enforce context-aware access to BigQuery and models based on user identity and device.
  • C. Implement at-rest encryption by using customer-managed encryption keys (CMEK) for the pipeline. Implement strict Identity and Access Management (IAM) policies to control access to BigQuery.
  • D. Deploy the model on Confidential VMs for enhanced protection of data and code while in use. Implement strict Identity and Access Management (IAM) policies to control access to BigQuery.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by abdelrahman89 at Oct. 4, 2024, 10:18 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
json4u
1 month, 1 week ago
Selected Answer: A
It's A Well explained below.
upvoted 1 times
...
abdelrahman89
1 month, 2 weeks ago
A - Data De-identification: De-identifying sensitive data using Cloud DLP APIs ensures that the data used for model training does not contain personally identifiable information (PII). This protects data privacy and reduces the risk of unauthorized access or misuse. IAM Policies: Implementing strict IAM policies controls access to BigQuery, ensuring that only authorized personnel can access and use the dataset. This further protects data privacy and reduces the risk of unauthorized access. Comprehensive Approach: This approach combines data de-identification and IAM controls to provide a robust and effective security solution for the AI/ML pipeline.
upvoted 1 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel