Google Cloud Associate Data Practitioner — Question 68

Your organization has highly sensitive data that gets updated once a day and is stored across multiple datasets in BigQuery. You need to provide a new data analyst access to query specific data in BigQuery while preventing access to sensitive data. What should you do?

Answer options

• A. Grant the data analyst the BigQuery Job User IAM role in the Google Cloud project.
• B. Create a materialized view with the limited data in a new dataset. Grant the data analyst BigQuery Data Viewer IAM role in the dataset and the BigQuery Job User IAM role in the Google Cloud project.
• C. Create a new Google Cloud project, and copy the limited data into a BigQuery table. Grant the data analyst the BigQuery Data Owner IAM role in the new Google Cloud project.
• D. Grant the data analyst the BigQuery Data Viewer IAM role in the Google Cloud project.

Correct answer: B

Explanation

The correct answer is B because creating a materialized view allows you to limit the data the analyst can access while granting the appropriate IAM roles ensures they can query that data. Option A does not limit access to sensitive data, option C creates unnecessary complexity by starting a new project, and option D does not provide the necessary access to query specific data effectively.