Google Cloud Professional Cloud Architect — Question 178

You are working at a financial institution that stores mortgage loan approval documents on Cloud Storage. Any change to these approval documents must be uploaded as a separate approval file. You need to ensure that these documents cannot be deleted or overwritten for the next 5 years. What should you do?

Answer options

• A. Create a retention policy on the bucket for the duration of 5 years. Create a lock on the retention policy.
• B. Create a retention policy organizational constraint constraints/storage.retentionPolicySeconds at the organization level. Set the duration to 5 years.
• C. Use a customer-managed key for the encryption of the bucket. Rotate the key after 5 years.
• D. Create a retention policy organizational constraint constraints/storage.retentionPolicySeconds at the project level. Set the duration to 5 years.

Correct answer: A

Explanation

The correct answer is A because creating a retention policy on the bucket with a lock ensures that the documents cannot be deleted or overwritten for the specified duration. Option B is incorrect as it applies the retention policy at the organization level rather than the specific bucket. Option C does not address the retention of documents in terms of deletion or modification, and option D is also incorrect because it sets the retention policy at the project level instead of the bucket.