GCP-PCA
Designing for security and compliance
medium
Question 7 of 36

A security team wants an extra layer of defense that helps prevent data exfiltration from Cloud Storage and BigQuery even if IAM permissions are misconfigured. Which control best fits?

ACloud Load Balancing
BVPC Service Controls used together with IAM
CCloud Interconnect
DRegional GKE clusters

More Designing for security and compliance Questions

36 questions

Full Google Cloud Professional Cloud Architect Practice Test

All topics covered

All Google Cloud Professional Cloud Architect Questions

Browse by topic

Related Questions

Which IAM role type should generally not be used in production because it is highly permissive and p...

easy

If you grant an IAM role on a folder, what happens to projects and resources inside that folder?...

easy

An application needs a managed service to store database passwords and API keys with versioning, rol...

medium

A company wants a central authorization layer for internal HTTPS applications instead of depending o...

medium

A regulated workload needs secrets replicated only to a custom set of regions selected by the organi...

medium
View all Designing for security and compliance questions

Educational Content — CertQnA practice questions are written against official exam objectives, covering the same domains tested on the real exam. All content is original and independent — not actual exam questions, not affiliated with any certification vendor. Learn more about our content policy

Discussion

Be the first to share your understanding of this concept

⚠️ Discussion is for concept clarification only. Do not share or request actual exam questions or answers.

Sign in to join the discussion

Sign InCreate free account