ExamTopics Logo
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud Database Engineer All Questions

View all questions & answers for the Professional Cloud Database Engineer exam
Go to Exam

Exam Professional Cloud Database Engineer topic 1 question 19 discussion

Actual exam question from Google's Professional Cloud Database Engineer
Question #: 19
Topic #: 1
[All Professional Cloud Database Engineer Questions]

You are evaluating Cloud SQL for PostgreSQL as a possible destination for your on-premises PostgreSQL instances. Geography is becoming increasingly relevant to customer privacy worldwide. Your solution must support data residency requirements and include a strategy to: configure where data is stored control where the encryption keys are stored govern the access to data
What should you do?

  • A. Replicate Cloud SQL databases across different zones.
  • B. Create a Cloud SQL for PostgreSQL instance on Google Cloud for the data that does not need to adhere to data residency requirements. Keep the data that must adhere to data residency requirements on-premises. Make application changes to support both databases.
  • C. Allow application access to data only if the users are in the same region as the Google Cloud region for the Cloud SQL for PostgreSQL database.
  • D. Use features like customer-managed encryption keys (CMEK), VPC Service Controls, and Identity and Access Management (IAM) policies.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by range9005 at Dec. 21, 2022, 2:13 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
juliorevk
7 months ago
D because CMEK where the encryption keys are stored IAM govern the access to data VPC Service Controls configure where data is stored control
upvoted 4 times
...
theseawillclaim
7 months ago
Selected Answer: D
D. C might seem ok, but you'd need some kind of tracking to localize users, and there is no mention of it.
upvoted 1 times
...
standm
11 months, 1 week ago
should be CSEK and not CMEK. Then 'D'.
upvoted 1 times
...
dynamic_dba
1 year, 1 month ago
D. Using IAM policies, VPC Service Controls and CMEK is the best answer. A doesn’t make sense since Geography would be a factor at the Region level, not zone level. B is a lot of work and GCP is all about making things easier. C address part of the issue, but D addresses more. The link provided by sp57 is spot on.
upvoted 1 times
...
ralf_cc
1 year, 3 months ago
C - it is about location of the data
upvoted 1 times
...
ssaporylo
1 year, 3 months ago
My vote D
upvoted 1 times
...
sp57
1 year, 4 months ago
D, https://cloud.google.com/blog/products/identity-security/meet-data-residency-requirements-with-google-cloud
upvoted 4 times
...
pk349
1 year, 4 months ago
D. Use features like customer-managed encryption keys (CMEK), VPC Service Controls, and Identity and Access Management (IAM) policies.
upvoted 2 times
...
GCP72
1 year, 4 months ago
Selected Answer: D
D is the correct answer
upvoted 1 times
...
range9005
1 year, 4 months ago
Selected Answer: D
data residency requirements can be achiy with CMEK, VPC and IAM
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago