ExamTopics Logo
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud Developer All Questions

View all questions & answers for the Professional Cloud Developer exam
Go to Exam

Exam Professional Cloud Developer topic 1 question 181 discussion

Actual exam question from Google's Professional Cloud Developer
Question #: 181
Topic #: 1
[All Professional Cloud Developer Questions]

Your team is building an application for a financial institution. The application's frontend runs on Compute Engine, and the data resides in Cloud SQL and one Cloud Storage bucket. The application will collect data containing PII, which will be stored in the Cloud SQL database and the Cloud Storage bucket. You need to secure the PII data. What should you do?

  • A. 1. Create the relevant firewall rules to allow only the frontend to communicate with the Cloud SQL database
    2. Using IAM, allow only the frontend service account to access the Cloud Storage bucket
  • B. 1. Create the relevant firewall rules to allow only the frontend to communicate with the Cloud SQL database
    2. Enable private access to allow the frontend to access the Cloud Storage bucket privately
  • C. 1. Configure a private IP address for Cloud SQL
    2. Use VPC-SC to create a service perimeter
    3. Add the Cloud SQL database and the Cloud Storage bucket to the same service perimeter
  • D. 1. Configure a private IP address for Cloud SQL
    2. Use VPC-SC to create a service perimeter
    3. Add the Cloud SQL database and the Cloud Storage bucket to different service perimeters
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by zellck at Dec. 15, 2022, 1:30 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
micoams
Highly Voted 1 year, 4 months ago
Selected Answer: C
Without using VPC-SC, the PII data is not secure from exfiltration. So that leaves only C, and D as possible valid responses. However, D can be eliminated because both the Cloud SQL instance and and Cloud Storage bucket must be within the same perimeter, which leaves C and the valid answer.
upvoted 5 times
...
__rajan__
Most Recent 7 months, 1 week ago
Selected Answer: C
I would go with C
upvoted 1 times
...
purushi
8 months, 3 weeks ago
Selected Answer: C
C is correct compared to other options.
upvoted 2 times
...
zellck
1 year, 3 months ago
Selected Answer: C
C should be the correct answer instead.
upvoted 2 times
...
TNT87
1 year, 3 months ago
Selected Answer: C
Answer C
upvoted 3 times
...
zellck
1 year, 4 months ago
Selected Answer: B
B is the answer.
upvoted 1 times
[Removed]
1 year, 4 months ago
Why do you think B is the answer? I was thinking about C since we secure the PII with the service perimeter that way.
upvoted 1 times
zellck
1 year, 3 months ago
Agree C is the better answer. Passed my exam few weeks back, chose C as well.
upvoted 1 times
TNT87
1 year, 3 months ago
Congratulations
upvoted 1 times
...
ripp76
10 months, 3 weeks ago
Since the correct answer is C, I cannot understand why this site suggests B as the correct answer. Most of proposed answers by examtopics.com are wrong ... so why are we paying a subscription? I was expecting something more accurate.
upvoted 1 times
...
Load full discussion...
...
...
TNT87
1 year, 3 months ago
Answer C https://cloud.google.com/vpc-service-controls/docs/service-perimeters
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago