ExamTopics Logo
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud Database Engineer All Questions

View all questions & answers for the Professional Cloud Database Engineer exam
Go to Exam

Exam Professional Cloud Database Engineer topic 1 question 139 discussion

Actual exam question from Google's Professional Cloud Database Engineer
Question #: 139
Topic #: 1
[All Professional Cloud Database Engineer Questions]

You are planning to migrate a 10 TB relational database from an on-premises environment to Cloud SQL for PostgreSQL. The database contains sensitive customer information. You want to follow Google-recommended practices to keep data secure during the migration. What should you do? (Choose two.)

  • A. Configure Cloud SQL for automatic patching, and enable binary logging.
  • B. Establish a Private Service Connect connection between your on-premises environment and the Cloud SQL instance.
  • C. Use an external IP address for the Cloud SQL instance, and configure firewall rules.
  • D. Set up Identity and Access Management (IAM) roles to restrict access with Cloud SQL with an internal IP address.
  • E. Leverage Storage Transfer Service with client-side encryption.
Show Suggested Answer Hide Answer
Suggested Answer: BD 🗳️
by WOOJONE at May 29, 2025, 12:52 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
c3815ba
2 weeks, 6 days ago
Selected Answer: BD
✅ B. Use Private Service Connect (PSC) • PSC enables private, secure connectivity to Cloud SQL using internal IPs only, even across hybrid networks (on-prem to GCP). • Prevents exposing the Cloud SQL instance over the public internet. • This is a Google-recommended practice for connecting securely from on-premises environments to GCP-managed services. ⸻ ✅ D. Use IAM roles + internal IPs • IAM enforces least privilege access control for managing and connecting to Cloud SQL instances. • Internal IP usage ensures connections remain inside the VPC, not over the public internet. • Together, these controls reduce the attack surface and follow GCP security best practices.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel