Google Cloud Professional Cloud Security Engineer — Question 233

Your company's chief information security officer (CISO) is requiring business data to be stored in specific locations due to regulatory requirements that affect the company's global expansion plans. After working on a plan to implement this requirement, you determine the following:
✑ The services in scope are included in the Google Cloud data residency requirements.
✑ The business data remains within specific locations under the same organization.
✑ The folder structure can contain multiple data residency locations.
✑ The projects are aligned to specific locations.
You plan to use the Resource Location Restriction organization policy constraint with very granular control. At which level in the hierarchy should you set the constraint?

Answer options

• A. Organization
• B. Resource
• C. Project
• D. Folder

Correct answer: C

Explanation

The correct answer is C because the Resource Location Restriction organization policy needs to be enforced at the project level to effectively manage and restrict the location of resources according to the specified regulatory requirements. Setting it at the organization level would be too broad and not provide the necessary granularity, while resource and folder levels do not encapsulate the overall project-specific requirements.