Learn how to implement retention policies and locks on Google Cloud Storage buckets to protect sensitive documents from deletion or overwrites for extended periods.
Table of Contents
Question
You are working at a financial institution that stores mortgage loan approval documents on Cloud Storage. Any change to these approval documents must be uploaded as a separate approval file. You need to ensure that these documents cannot be deleted or overwritten for the next 5 years. What should you do?
A. Create a retention policy on the bucket for the duration of 5 years. Create a lock on the retention policy.
B. Create a retention policy organizational constraint constraints/storage.retentionPolicySeconds at the organization level. Set the duration to 5 years.
C. Use a customer-managed key for the encryption of the bucket. Rotate the key after 5 years.
D. Create a retention policy organizational constraint constraints/storage.retentionPolicySeconds at the project level. Set the duration to 5 years.
Answer
A. Create a retention policy on the bucket for the duration of 5 years. Create a lock on the retention policy.
Explanation
This is the recommended approach. A retention policy ensures the documents are preserved for the required duration, and locking the policy prevents accidental modification or deletion.
Google Professional Cloud Architect certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the Google Professional Cloud Architect exam and earn Google Professional Cloud Architect certification.