Google Cloud Professional Cloud Security Engineer — Question 11

Your company runs a website that will store PII on Google Cloud Platform. To comply with data privacy regulations, this data can only be stored for a specific amount of time and must be fully deleted after this specific period. Data that has not yet reached the time period should not be deleted. You want to automate the process of complying with this regulation.
What should you do?

Answer options

• A. Store the data in a single Persistent Disk, and delete the disk at expiration time.
• B. Store the data in a single BigQuery table and set the appropriate table expiration time.
• C. Store the data in a single Cloud Storage bucket and configure the bucket's Time to Live.
• D. Store the data in a single BigTable table and set an expiration time on the column families.

Correct answer: C

Explanation

The correct answer is C because configuring a Cloud Storage bucket's Time to Live allows for automatic deletion of objects after a specified period, ensuring compliance with data retention regulations. Option A is incorrect as deleting a Persistent Disk would remove all data at once, including any that hasn't reached its expiration. Option B is also incorrect because although BigQuery tables can have expiration times, they are not the optimal choice for PII data storage in this context. Option D is wrong as well; while BigTable does allow for expiration on column families, it is not the best fit for managing PII retention requirements.