Google Cloud Professional Cloud Security Engineer — Question 209

Your organization is using AI to improve products through innovation. The developers want to use Gemini in Vertex AI on a project. You need to provide a secure Google Cloud environment to prevent and detect information leakages. What should you do?

Answer options

• A. Set up VPC Service Controls perimeters around the Vertex AI project. Enable Data Loss Prevention API for content inspection.
• B. Grant the developers and AI engineers the Vertex AI User role. Monitor the audit trails with Cloud Logging.
• C. Deploy Model Armor to protect the Vertex AI endpoint. Review Security Command Center findings to detect information leakages.
• D. Implement a firewall rule that allows all traffic to and from the Vertex AI API endpoint.

Correct answer: C

Explanation

The correct answer is C, as deploying Model Armor provides protection for the Vertex AI endpoint and reviewing Security Command Center findings helps in detecting any information leakage. Option A, while it enhances security, does not specifically address endpoint protection. Option B focuses on role assignment and monitoring but lacks proactive measures to prevent data leakage. Option D introduces security risks by allowing unrestricted traffic, which is not advisable.