GCP Professional Cloud Security Engineer Practice Question
A healthcare company builds a Vertex AI pipeline that trains a model on sensitive patient data stored in a CMEK-encrypted BigQuery dataset. Security policy requires:
All data in Vertex AI to remain protected by the customer-managed key.
Access to the pipeline and model artifacts must not traverse the public internet.
Only the data scientists' service account should be able to invoke prediction.
Which architecture meets all requirements with the least operational overhead?
Run training on Confidential VMs that write checkpoints to a CMEK Cloud Storage bucket, then upload the model to a Cloud Run service reachable only through an internal load balancer. Restrict access with IAM on Cloud Run.
Export the BigQuery data to CMEK-encrypted Cloud Storage, train locally on the data scientists' workstations, and serve the model from a Compute Engine instance that allows ingress only from trusted IP ranges.
Enable VPC Service Controls around the project, train with default encryption, and deploy the model to a public Vertex AI endpoint protected by OAuth token-based prediction requests from the service account.
Create a CMEK-enabled custom training job and deploy the resulting model to a CMEK-enabled Vertex AI endpoint behind Private Service Connect. Grant the Vertex AI Service Agent the key role and give only the data-scientist service account the Vertex AI Endpoint Invoker role.
Using CMEK-enabled Vertex AI custom training and online prediction keeps the pipeline's data at rest (the training job's attached disks, the exported model artifacts, and the model deployed to the endpoint) encrypted with the customer-managed key, while requests to the endpoint are protected in transit by TLS. Exposing the endpoint through Private Service Connect gives it a private IP inside the consumer VPC, so prediction traffic never uses a public address; that satisfies the 'no public internet' mandate without having to create and manage a full service perimeter. IAM on the endpoint restricts invocation to the designated service account, and the Vertex AI Service Agent must hold the Cloud KMS CryptoKey Encrypter/Decrypter role on the key, or CMEK-protected training jobs and endpoints cannot be created.
Each of the other designs misses a requirement or adds avoidable overhead. Training on the data scientists' workstations moves patient data off the platform and outside the customer-managed key's protection, and allowing ingress to a Compute Engine instance only from trusted IP ranges restricts by network location rather than identity; serving a model exported to Cloud Storage from that instance also forfeits managed CMEK propagation and adds VM patching overhead. Training with default Google-managed encryption violates the first requirement outright, and an OAuth-protected public Vertex AI endpoint still traverses the public internet; VPC Service Controls could meet the network requirement but is more complex to set up and maintain than PSC when only a single project is involved. The Confidential VM, Cloud Storage and Cloud Run combination can be made to work, but it replaces managed Vertex AI training and serving with components the team must build, patch and operate.
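A practitioner verifying this design would want to check the actual resource configurations rather than trust the architecture diagram. The following added example (not code from the original page or from Google) audits a Vertex AI custom job, an endpoint, the endpoint's IAM policy and the KMS key's IAM policy against the three stated requirements plus the service-agent prerequisite. The resource shapes follow the Vertex AI v1 REST API field names (CustomJob.encryptionSpec, Endpoint.encryptionSpec, Endpoint.privateServiceConnectConfig) and the Cloud IAM policy format; the project number, key name, service-account names and sample resources are constructed placeholders, and the set of predict-capable roles is an assumption you should align with the role you actually bind.

```python
"""Offline policy check for the chosen Vertex AI design.

Added example, not code from the original page or from Google. Resource
shapes follow the Vertex AI v1 REST API (CustomJob.encryptionSpec,
Endpoint.encryptionSpec, Endpoint.privateServiceConnectConfig) and the
Cloud IAM policy format; project, key and account names are placeholders,
and the sample resources below are constructed for illustration.
"""
from __future__ import annotations

PROJECT_NUMBER = "123456789012"                                        # placeholder
KMS_KEY = ("projects/example-proj/locations/us-central1/"
           "keyRings/phi-ring/cryptoKeys/vertex-key")                 # placeholder
DATA_SCIENTIST_SA = "ds-pipeline@example-proj.iam.gserviceaccount.com"  # placeholder

# Vertex AI service agent naming pattern: the account that must be able to use the key.
VERTEX_SERVICE_AGENT = (f"serviceAccount:service-{PROJECT_NUMBER}"
                        "@gcp-sa-aiplatform.iam.gserviceaccount.com")
KMS_USE_ROLE = "roles/cloudkms.cryptoKeyEncrypterDecrypter"

# Roles the check treats as able to call endpoints.predict. aiplatform.user and
# aiplatform.admin carry that permission; add the invoker role you bind if it differs.
PREDICT_ROLES = {"roles/aiplatform.user", "roles/aiplatform.admin"}


def _kms_key(resource: dict) -> str | None:
    return resource.get("encryptionSpec", {}).get("kmsKeyName")


def check_custom_job(job: dict) -> list[str]:
    """Requirement 1: training job disks and outputs encrypted with the CMEK."""
    key = _kms_key(job)
    if key != KMS_KEY:
        return [f"custom job {job['displayName']}: encryptionSpec.kmsKeyName is {key!r}, expected the CMEK"]
    return []


def check_endpoint(endpoint: dict) -> list[str]:
    """Requirements 1 and 2: CMEK on the deployed model, and PSC so the
    prediction address is private to the consumer VPC."""
    problems = []
    key = _kms_key(endpoint)
    if key != KMS_KEY:
        problems.append(f"endpoint {endpoint['displayName']}: encryptionSpec.kmsKeyName is {key!r}, expected the CMEK")
    psc = endpoint.get("privateServiceConnectConfig", {})
    if not psc.get("enablePrivateServiceConnect"):
        problems.append(f"endpoint {endpoint['displayName']}: Private Service Connect not enabled (public prediction address)")
    return problems


def check_endpoint_iam(policy: dict, allowed_sa: str) -> list[str]:
    """Requirement 3: only the data-scientist SA may hold a predict-capable role."""
    invokers: set[str] = set()
    for binding in policy.get("bindings", []):
        if binding["role"] in PREDICT_ROLES:
            invokers.update(binding["members"])
    expected = {f"serviceAccount:{allowed_sa}"}
    problems = [f"endpoint IAM: unexpected predict-capable member {m}" for m in sorted(invokers - expected)]
    problems += [f"endpoint IAM: {m} lacks a predict-capable role" for m in sorted(expected - invokers)]
    return problems


def check_key_iam(policy: dict) -> list[str]:
    """Prerequisite: CMEK resources fail to create unless the Vertex AI
    service agent can encrypt/decrypt with the key."""
    for binding in policy.get("bindings", []):
        if binding["role"] == KMS_USE_ROLE and VERTEX_SERVICE_AGENT in binding["members"]:
            return []
    return [f"KMS key IAM: {VERTEX_SERVICE_AGENT} lacks {KMS_USE_ROLE}"]


def audit(job: dict, endpoint: dict, endpoint_policy: dict, key_policy: dict) -> list[str]:
    """Return every violation found; an empty list means the design passes."""
    return (check_custom_job(job) + check_endpoint(endpoint)
            + check_endpoint_iam(endpoint_policy, DATA_SCIENTIST_SA) + check_key_iam(key_policy))


# Constructed sample resources: the chosen design.
GOOD_JOB = {"displayName": "phi-train", "encryptionSpec": {"kmsKeyName": KMS_KEY}}
GOOD_ENDPOINT = {"displayName": "phi-predict", "encryptionSpec": {"kmsKeyName": KMS_KEY},
                 "privateServiceConnectConfig": {"enablePrivateServiceConnect": True,
                                                 "projectAllowlist": ["example-proj"]}}
GOOD_ENDPOINT_POLICY = {"bindings": [{"role": "roles/aiplatform.user",
                                      "members": [f"serviceAccount:{DATA_SCIENTIST_SA}"]}]}
GOOD_KEY_POLICY = {"bindings": [{"role": KMS_USE_ROLE, "members": [VERTEX_SERVICE_AGENT]}]}

# Constructed sample resources: the distractor that trains with default encryption,
# deploys to a public endpoint, and lets a whole group call predict.
BAD_JOB = {"displayName": "phi-train-default"}
BAD_ENDPOINT = {"displayName": "phi-predict-public"}
BAD_ENDPOINT_POLICY = {"bindings": [{"role": "roles/aiplatform.user",
                                     "members": [f"serviceAccount:{DATA_SCIENTIST_SA}",
                                                 "group:analysts@example.com"]}]}

if __name__ == "__main__":
    for name, result in (("chosen design", audit(GOOD_JOB, GOOD_ENDPOINT, GOOD_ENDPOINT_POLICY, GOOD_KEY_POLICY)),
                         ("distractor", audit(BAD_JOB, BAD_ENDPOINT, BAD_ENDPOINT_POLICY, GOOD_KEY_POLICY))):
        print(name, "->", "PASS" if not result else "\n  ".join(["FAIL"] + result))
```

In practice the four dicts come from `gcloud ai custom-jobs describe`, `gcloud ai endpoints describe`, `gcloud ai endpoints get-iam-policy` and `gcloud kms keys get-iam-policy` (all with `--format=json`); the check deliberately compares the key name exactly, since a job encrypted with a different CMEK in the same project would otherwise pass unnoticed.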
Ensuring data protection