Google Cloud Associate Cloud Engineer — Question 261

You are deploying an application on Google Cloud that requires a relational database for storage. To satisfy your company’s security policies, your application must connect to your database through an encrypted and authenticated connection that requires minimal management and integrates with Identity and Access Management (IAM). What should you do?

Answer options

• A. Deploy a Cloud SQL database with the SSL mode set to encrypted only, configure SSL/TLS client certificates, and configure a database user and password.
• B. Deploy a Cloud SQL database with the SSL mode set to encrypted only, configure SSL/TLS client certificates, and configure IAM database authentication.
• C. Deploy a Cloud SQL database and configure IAM database authentication. Access the database through the Cloud SQL Auth Proxy.
• D. Deploy a Cloud SQL database and configure a database user and password. Access the database through the Cloud SQL Auth Proxy.

Correct answer: C

Explanation

The correct answer is C because it utilizes IAM database authentication, which aligns with the requirement for minimal management and enhanced security by integrating with IAM. Options A and B involve SSL/TLS client certificates, which add complexity and do not meet the requirement for minimal management. Option D does not leverage IAM for authentication, making it less secure compared to C.