Crucial Exams

GCP Professional Cloud Security Engineer Practice Question

Your BigQuery table has patient_id, full_name, admission_date, diagnosis_code, and billing_amount. Analysts need the data, but policy says: expose only the first character of full_name; shift admission_date by up to ±30 days, consistently for rows sharing the same patient_id; and keep patient_id in a reversible, format-preserving form so investigators can restore it if needed. Which set of Sensitive Data Protection transformations meets all requirements?

  • Redact full_name entirely, apply an unkeyed ±30-day date-shift to admission_date, and hash patient_id with SHA-256.

  • Replace full_name with a salted SHA-256 hash, date-shift admission_date keyed on patient_id, and mask all but the last four digits of patient_id.

  • Apply character masking to keep only the first character of full_name, use a ±30-day date-shift keyed on patient_id for admission_date, and encrypt patient_id with format-preserving encryption (CryptoReplaceFfxFpe) using a surrogate infoType.

  • Mask full_name to reveal the first letter, deterministically encrypt admission_date, and bucket patient_id into numeric ranges.

GCP Professional Cloud Security Engineer
Ensuring data protection
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot