Exam Professional Cloud Architect topic 1 question 109 discussion

According to me, the question states "The association collects a large amount of health data, such as sustained injuries." and the nuance on the word such => " Current legislation requires you to delete "SUCH" information upon request of the subject. " So from that point of view the question is not to delete the entire user records but specific data related to personal health data. With DLP you can use InfoTypes and InfoType detectors to specifically scan for those entries and how to act upon them (link https://cloud.google.com/dlp/docs/concepts-infotypes) I would say B.

IMHO a) is the correct answer because it is easier to operate. The question is not how to mask data and so on but just to delete data on request, so I don't think that we have to use for just the deletion of specific data DLP.

Option A doesn't Delete all instances of PII, what happens if there is personal information on the descriptions? such as " sustained injuries". Delete just the identifiers is not complete.

B is pointless as any health data is sensitive data, and also the fact that it did not mention deletion. Hence A is the correct answer.

Use a unique identifier for each individual. Upon a deletion request, delete all rows from BigQuery with this identifier.

A. Use a unique identifier for each individual.

Option B is better when the requirement is to delete only the PII health data, not all data related to the individual.

It had better be A, if not then you're not a good organization

Data Loss Prevention must have!

I vote for B. I had some doubts whether A was correct, but: - I'm not convinced by the argument "only A talks about deleting" (it would be too easy if it was about choosing an answer containing the word "delete" ;) - the question says "design a solution that can accommodate such a request" - I'm not very fluent in english, but "accommodate" imho means more "facilitate" than "accomplish" here - I think that the task is about deleting health data not everything related with unique identifier - Data Catalog allows you to manage data, knowing in which datasets and in which tables what data is stored. Answer "A" somehow imposes the data model - each table with data related to a given individual must contain the ID of this individual (in a real data model this does not have to be the case).

Should be A)

A is correct. As for option B: While DLP is valuable for identifying sensitive data, it might not be sufficient for this specific case. DLP cannot necessarily determine an individual's right to deletion based solely on data classification. Additionally, relying on Data Catalog to store the results adds unnecessary complexity and potential inconsistencies.

B. The A removes all data, not SUCH only.

Ans. B assumes you will delete the Personal Information found in the Catalog... Some people are reading GDPR into this question (we are not told what country and what legislation). The question states you must delete all information (not just personal informarion) on request. Ans B is a red herring ! Answer must = A

(A) - Primary task is "legislation requires you to delete" .. and B is not deleting. only A is deleting

Well, A would delete all rows with the identifier, I guess including the ones that are not confidential, also what does it mean unique identifier? each user is unique already. Ridiculous. B would identify the columns that contain personal data, but B is prone to errors as changes in legislation of what is consider injury would be excluded and all data would need to be re- ingested. Unfortunately B is closer and less damaging than A.

Either A or B is the answer. A - will delete all the info about the subject, which is not the intension. Only the sensitive data to be deleted. Hence, B.