GCP Professional Cloud Security Engineer Practice Question
Two healthcare organizations need to jointly run an analytics workload on their combined patient data. Each organization must be certain that its raw data remains hidden from the other party, from Google administrators, and from any software running on the host. They also want to reuse their existing containerized Python code with minimal changes. Which Google Cloud feature best satisfies these requirements?
Run the containers inside a Confidential Space enclave backed by Confidential Computing.
Place both projects inside a shared VPC Service Controls perimeter to block data exfiltration.
Encrypt all input files with customer-managed keys (CMEK) before uploading them to Cloud Storage.
Apply Cloud Storage object lifecycle policies to delete the datasets after processing.
Confidential Space creates a hardware-based trusted execution environment (TEE) where containerized workloads run with memory encrypted by the CPU and are remotely attested before execution. This prevents Google, the host OS, and even collaborating parties from viewing plaintext data while still allowing standard container images to be executed, so each organization can contribute data and code without exposing sensitive information. CMEK, VPC Service Controls, and object lifecycle policies protect data at rest or control network egress but do not encrypt data while it is being processed, so they cannot guarantee confidentiality during joint in-memory analytics.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is Confidential Computing in Google Cloud?
Open an interactive chat with Bash
How does the Trusted Execution Environment (TEE) work in Confidential Space?
Open an interactive chat with Bash
What does remote attestation ensure in a Confidential Space enclave?
Open an interactive chat with Bash
What is Confidential Computing in Google Cloud?
Open an interactive chat with Bash
How does Confidential Space provide data security?
Open an interactive chat with Bash
What is Remote Attestation and why is it important in Confidential Space?
Open an interactive chat with Bash
GCP Professional Cloud Security Engineer
Ensuring data protection
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .