Google Cloud Professional Cloud Security Engineer — Question 299

Your organization has an operational image classification model running on a managed AI service on Google Cloud. You are in a configuration review with stakeholders and must describe the security responsibilities for the image classification model. What should you do?

Answer options

• A. Explain that using platform-as-a-service (PaaS) transfers security concerns to Google. Describe the need for strict API usage limits to protect against unexpected usage and billing spikes.
• B. Explain the security aspects of the code that transforms user-uploaded images using Google's service. Define Cloud IAM for fine-grained access control within the development team.
• C. Explain Google's shared responsibility model. Focus the configuration review on Identity and Access Management (IAM) permissions, secure data upload/download procedures, and monitoring logs for any potential malicious activity.
• D. Explain the development of custom network firewalls around the image classification service for deep intrusion detection and prevention. Describe vulnerability scanning tools for known vulnerabilities.

Correct answer: C

Explanation

The correct answer is C because it accurately highlights the shared responsibility model and emphasizes critical security aspects like IAM permissions, secure data handling, and log monitoring. Options A, B, and D either misrepresent security responsibilities or focus too narrowly on specific technical aspects, missing the broader context of shared security obligations.