Question-42: Sensitive data contains private information that must be protected from unauthorised access by keeping it in a secure location, out of the reach of third parties. Adequate data protection and information security policies should be implemented to restrict access to sensitive data and reduce the risk of data breaches and data leaks. Your organization stores sensitive information in buckets in the Cloud Storage service. Data analysts can read the buckets because they have the appropriate Identity and Access Management (IAM) permissions. You want to stop the data analysts from retrieving the data stored in the buckets when they are connected to a network outside of the workplace. What action should you take?
A. 1. Create a VPC Service Controls perimeter that encompasses the projects containing the buckets. 2. Create an access level for the workplace network using its CIDR.
B. 1. Create a firewall rule with a source range that applies to all of the instances in the Virtual Private Cloud (VPC) network. 2. Use the Classless Inter-Domain Routing (CIDR) range of the workplace network.
C. 1. Create a Cloud Function that removes IAM permissions from the buckets, and another Cloud Function that adds IAM permissions to the buckets. 2. Use Cloud Scheduler to schedule the Cloud Functions to add permissions when the business day begins and remove permissions when the business day ends.
D. 1. Establish a cloud virtual private network (VPN) connection to the company's intranet. 2. Configure Private Google Access for on-premises hosts.