Crucial Exams

GCP Professional Cloud Security Engineer Practice Question

Your security team must locate and classify PII across 10 TB of historical CSV files already in multiple Cloud Storage buckets and BigQuery datasets, and continuously profile any newly created data in those locations. In addition, the team occasionally receives log files from an on-prem system through a secure API and wants to scan each file for sensitive data before storing it. Which Sensitive Data Protection inspection mechanisms should you implement to satisfy these requirements?

  • Configure an organization-level discovery scan for Cloud Storage and BigQuery, and invoke a hybrid inspection job from the on-prem system to inspect each incoming log file.

  • Rely on Data Catalog policy tags for Cloud Storage and BigQuery to identify PII automatically, and use Eventarc triggers to handle on-prem log uploads.

  • Set up streaming content inspection API calls triggered by Cloud Storage notifications and create separate scheduled BigQuery inspection jobs; run ad-hoc discovery scans as needed.

  • Run a one-time inspection job over the existing Cloud Storage buckets and BigQuery datasets, and use real-time content inspection API calls for each on-prem log file.

GCP Professional Cloud Security Engineer
Ensuring data protection
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot