Google Cloud Professional Cloud Architect — Question 223
A large healthcare provider's primary electronic health record (EHR) application runs on Compute Engine instances with a Cloud SQL for PostgreSQL database, all located in the us-west1 region. A new regulatory mandate requires you to implement and document a business continuity plan (BCP). This plan must ensure that the EHR application can be fully recovered and operational in a different geographical region with a recovery time objective (RTO) of two hours and a recovery point objective (RPO) of 15 minutes. You need to design a disaster recovery strategy that meets these strict BCP requirements. What should you do?
Answer options
- A. Deploy active managed instance groups (MIGs) in both us-west1 and us-east1, fronted by a global external HTTP(S) Load Balancer. For the database, use a cross-region read replica in us-east1, and rely on load balancer health checks to automatically fail over all traffic during an outage.
- B. Use Terraform to define the application’s compute infrastructure. During a disaster, configure the Cloud SQL database in us-west1 to use a cross-region read replica in us-east1, build the environment in us-east1, and promote the replica.
- C. Take daily snapshots of the Compute Engine disks and Cloud SQL database. Copy these snapshots to a Cloud Storage bucket in us-east1. During a disaster, manually restore the virtual machines (VMs) and database from the latest snapshots.
- D. Deploy a regional MIG in us-west1 for high availability, and rely on the Google Cloud SLA to ensure the region remains online.
Correct answer: A
Explanation
Option A is correct because it provides an active solution with redundancy in both regions, ensuring quick recovery through load balancing and cross-region replication. Option B is less effective as it relies on manual promotion of replicas after a disaster, which may not meet the RTO requirement. Option C, while providing backups, relies on manual restoration, which is not aligned with the required RTO and RPO. Option D does not offer a valid strategy for disaster recovery as it does not consider any failover mechanism to another region.