gcp must read.pdf

h^ēđėÓÕÕÓÙĽŃććąċ×ÙÙ×Ý εП A9čċđıķĽŃįĭĳõõóùčċđííëñ =Ã³µµ³¹ĸľÃ³µµ³¹ įĭĳēđėĸľ×ÙÙ×ÝÍÏÏÍÓĸľõõóùēđėčċđ }xyxxsĬѡħ×ÖÖЋÑĩĩўĤ²³²²ϧĬѡħóòòЧíĊĊпąëêêПå êééОäĐĐхċĬѡħ ©¤¥¤¤ϙĐĐхċѱķĬѡħ }xyxxsĬѡħĐĐхċêééОä×ÖÖЋÑİѥīİѥīóòòЧíĐĐхċĊĊпą²³²²ϧĄĄйÿ 6"ĄĄйÿĐĐхċѱķÒÓÒÒЇÍ ×ÖÖЋÑÌÍÌÌЁÇѱķĬѡħóòòЧíķѬĲҋő @,ĊĊпąëêêПåóòòЧíĊĊпą×ÖÖЋÑ×ÖÖЋÑĬѡħ PIĐĐхċѱķĬѡħĊĊпą×ÖÖЋÑҋő Welcome to Module 3: Ensuring Data Protection.

×ÖÖЋÑ҄ŊóòòЧí×ÖÖЋÑ҅ŋ ²³²²ϧĊĊпąÒÓÒÒЇÍ İѥīķѬĲѱķÒÓÒÒЇÍҋő ĩĩўĤĄĄйÿ²³²²ϧĊĊпąĊĊпąóòòЧíĊĊпąëêêПå Now let’s review how to use these diagnostic questions to help you identify what to include in your study plan.

Protecting sensitive data and preventing data loss Managing encryption at rest, in transit, and in use Planning for security and privacy in ±I 97 ©¤¥¤¤ϙĐĐхċѱķĬѡħ İѥīķѬĲѱķÒÓÒÒЇÍҋő ĩĩўĤĄĄйÿ²³²²ϧĊĊпąГ @,nsuring data protection 98 ` ` 99 ` We’ll approach this review by looking at the key areas of this exam section and the questions you just answered about each one. We’ll talk about where you can find out more about each area in the learning path for this certification and/or where to find the information in Google Cloud documentation. As we go through each one, take notes on the specific courses (and modules!), skill badges, and documentation pages you’ll want to emphasize in your study plan.

}xyxxsĬѡħĐĐхċķѬĲ×ÖÖЋÑÌÍÌÌЁÇķѬĲóòòЧíĊĊпąëêêПå İѥī×ÖÖЋÑĊĊпąİѥīóòòЧíķѬĲóòòЧí҄Ŋ×ÖÖЋÑ ÒÓÒÒЇÍ²³²²ϧķѬĲ²³²²ϧ ²³²²ϧĊĊпąÒÓÒÒЇÍ ĩĩўĤĬѡħ×ÖÖЋÑ҄Ŋ×ÖÖЋÑĊĊпąķѬĲóòòЧíĊĊпąëêêПå ÒÓÒÒЇÍ²³²²ϧķѬĲ²³²²ϧ ĄĄйÿĐĐхċİѥīİѥī 97 ` 6"onsiderations include: ● Inspecting and redacting personally identifiable information (PII) ● @,nsuring continuous discovery of sensitive data (structured and unstructured) ● 6"onfiguring pseudonymization ● 6"onfiguring format-preserving encryption ● Restricting access to 5igQuery, 6"loud Storage, and 6"loud SQL datastores ● Securing secrets with Secrets Manager ● Protecting and managing compute instance metadata As a Professional Cloud Security Engineer, you play a critical role in protecting sensitive data. This includes being able to configure and run data-loss prevention (DLP) software such as Sensitive Data Protection. It also includes protecting sensitive data with encryption, access control, service perimeters, and secure techniques for data manipulation with such Google Cloud tools as VPC Service Controls and Secrets Manager. Question 1 tested your knowledge of configuring DLP to automatically inspect and redact personally identifiable information (PII). Question 2 tested your knowledge of using Sensitive Data Protection features. Question 3 asked you to secure access to BigQuery and question 4 explored your understanding of Secrets Manager.

<(óòòЧí²³²²ϧëêêПåĊĊпąĐĐхċİѥīķѬĲóòòЧíÌÍÌÌЁÇ ѱķ×ÖÖЋÑİѥīķѬĲóòòЧíĐĐхċĊĊпą ۜ΢Σ <(óòòЧíİѥīÌÍÌÌЁÇѱķİѥīİѥīóòòЧíĐĐхċĊĊпą 97 ` ±. Use the 6"loud <(ata Loss Prevention (<(LP) ±PI to make redact image requests. Provide your project I<(, built-in infoTypes, and the scanned copies when you make the requests. 5. Use the 6"loud Vision ±PI to perform optical code recognition (O6"R) from scanned images. Redact the text using the 6"loud Natural Language ±PI with regular expressions. 6". Use the 6"loud Vision ±PI to perform optical code recognition (O6"R) from scanned images. Redact the text using the 6"loud <(ata Loss Prevention (<(LP) ±PI with regular expressions. <(. Use the 6"loud Vision ±PI to perform text extraction from scanned images. Redact the text using the 6"loud Natural Language ±PI with regular expressions. 6"ymbal 5ank has hired a data analyst team to analyze scanned copies of loan applications. 5ecause this is an external team, 6"ymbal 5ank does not want to share the name, gender, phone number, or credit card numbers listed in the scanned copies. You have been tasked with hiding this PII information while minimizing latency. What should you do? )KKJHGIQ7 A. Correct! The DLP API can be directly used for image redaction. Built-in infoTypes already include name, gender, phone number, and credit card numbers. B. Incorrect. The Cloud Vision API’s OCR can be used to extract text from images but OCR does not redact the text. The Cloud Natural Language API also cannot help with text redaction. Use the DLP API for this. C. Incorrect. The Cloud Vision API’s OCR can be used to extract text from images and then you can redact the text using the DLP API, but this process adds a layer of latency because it involves two steps. You can create custom infoTypes with regular expressions, but these are recommended only in situations where standard infoTypes aren’t supported, such as medical account numbers. D. Incorrect. The Cloud Vision API’s OCR can be used to extract text from images and then you can redact the text using DLP API, but this process adds a layer of latency because it involves two steps. The Cloud Natural Language API cannot help with text redaction. Use the DLP API for this. =NKUK WR RRRQ : ● https://cloud.google.com/dlp/docs/concepts-image-redaction ● https://cloud.google.com/dlp/docs/redacting-sensitive-data-images ● https://cloud.google.com/dlp/docs/infotypes-reference

&RQWKQW SGSSOQM7 ● ILT course: 9KIXUOW\ OQ *RRMRK &RRXJ ○ M10 Content-related Vulnerabilities: Techniques and Best Practices ● On-demand course: 0OWOMGWOQM 9KIXUOW\ <XRQKUGHOROWOKV RQ *RRMRK &RRXJ ○ M2 Content-related Vulnerabilities: Techniques and Best Practices 9XSSGU\7 The Cloud Data Loss Prevention (DLP) API can redact images, documents, and text. It offers built-in and custom infoTypes that can help identify sensitive information. Using one of the supported programming languages, you can programmatically make redact image requests to the DLP API.

Your preview ends here

Eager to read complete document? Join bartleby learn and gain access to the full version

Access to all documents
Unlimited textbook solutions
24/7 expert homework help