Google Cloud Professional Cloud Security Engineer — Question 267

An organization is migrating from their current on-premises productivity software systems to G Suite. Some network security controls were in place that were mandated by a regulatory body in their region for their previous on-premises system. The organization's risk team wants to ensure that network security controls are maintained and effective in G Suite. A security architect supporting this migration has been asked to ensure that network security controls are in place as part of the new shared responsibility model between the organization and Google Cloud.
What solution would help meet the requirements?

Answer options

• A. Ensure that firewall rules are in place to meet the required controls.
• B. Set up Cloud Armor to ensure that network security controls can be managed for G Suite.
• C. Network security is a built-in solution and Google's Cloud responsibility for SaaS products like G Suite.
• D. Set up an array of Virtual Private Cloud (VPC) networks to control network security as mandated by the relevant regulation.

Correct answer: C

Explanation

The correct answer, C, is accurate because network security is inherently managed by Google for SaaS products like G Suite, aligning with the shared responsibility model. Option A is incorrect as firewall rules are not needed for G Suite's built-in security. Option B is not applicable since Cloud Armor is more suited for Google Cloud infrastructure rather than G Suite. Option D is also not relevant since VPC networks are used for IaaS solutions, not SaaS like G Suite.