Scribd
Upload
6 views4 pages

Google Cloud Architect Exam Q&A

The document presents a question from Google's Professional Cloud Architect exam regarding the implementation of a custom card tokenization service for the Helicopter Racing League. It outlines specific requirements for the service, including low latency, duplicate credit card identification, and annual key rotation, and provides multiple storage options for consideration. The most suggested answer among the comments is option B, which involves encrypting card data with a deterministic algorithm and storing it in Firestore using Datastore mode.

Uploaded by

DARSH BAKSHI
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
6 views4 pages

Google Cloud Architect Exam Q&A

The document presents a question from Google's Professional Cloud Architect exam regarding the implementation of a custom card tokenization service for the Helicopter Racing League. It outlines specific requirements for the service, including low latency, duplicate credit card identification, and annual key rotation, and provides multiple storage options for consideration. The most suggested answer among the comments is option B, which involves encrypting card data with a deterministic algorithm and storing it in Firestore using Datastore mode.

Uploaded by

DARSH BAKSHI
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

MENU

Google Discussions

Exam Professional Cloud Architect All Questions


View all questions & answers for the Professional Cloud Architect exam

Go to Exam

EXAM PROFESSIONAL CLOUD ARCHITECT TOPIC 3 QUESTION 1 DISCUSSION

Actual exam question from Google's Professional Cloud Architect


Question #: 1
Topic #: 3
[All Professional Cloud Architect Questions]

For this question, refer to the Helicopter Racing League (HRL) case study. Your team is in charge of creating a
payment card data vault for card numbers used to bill tens of thousands of viewers, merchandise consumers, and
season ticket holders. You need to implement a custom card tokenization service that meets the following
requirements:
* It must provide low latency at minimal cost.
* It must be able to identify duplicate credit cards and must not store plaintext card numbers.
* It should support annual key rotation.
Which storage approach should you adopt for your tokenization service?

A. Store the card data in Secret Manager after running a query to identify duplicates.

B. Encrypt the card data with a deterministic algorithm stored in Firestore using Datastore mode.

C. Encrypt the card data with a deterministic algorithm and shard it across multiple Memorystore instances.

D. Use column-level encryption to store the data in Cloud SQL.

Show Suggested Answer

by t1nna456 at Nov. 13, 2021, 2:09 p.m.

Comments

Type your comment...


Type your comment...

Submit

Neo_ACE Highly Voted 2 years, 11 months ago


Answer would be B

[Link]

Deterministic output means that a given set of inputs (card number, expiration, and userID) will always generate the same
token. This is useful if you want to rely on the token value to deduplicate your token stores. You can simply match a newly
generated token to your existing catalog of tokens to determine whether the card has been previously stored. Depending on
your application architecture, this can be a very useful feature. However, this could also be accomplished using a salted
hash of the input values.

[Link]
Firestore is the next major version of Datastore. Firestore can run in Datastore mode, which uses the same API as Datastore
and scales to millions of writes per second,
upvoted 39 times

technodev Highly Voted 2 years, 9 months ago


Got this question in my exam, answered B
upvoted 19 times

OrangeTiger Most Recent 9 months, 1 week ago


A's SecretManager and C's Memorystore are absolutely different because their purposes are different. D is different
because it does not mention duplication. What remains is B.
upvoted 2 times

TopTalk 1 year, 1 month ago


Why isn't it C since Firestore doesn't meet the low latency requirement as someone said before? Bard thinks the answer is
C for low latency and even cost because you're only paying for what you use. Thoughts?
upvoted 2 times

sampon279 1 year, 3 months ago


Selected Answer: B
Between B (firestore in datastore mode)and D (Cloud SQL) B is better solution since firestore is preferred for low latency
queries, also since firestore is in datastore mode (does not include real time capabilities supported in native mode - i.e
mobile updates) it's cost effective.
upvoted 4 times

mimicha1 1 year, 4 months ago


Why not C ?
upvoted 2 times

bargou 8 months, 1 week ago


if we choose C, the card number can be duplicated, since we are using multiple memorystore
upvoted 2 times

BiddlyBdoyng 1 year, 4 months ago


From what I can work out column level encryption needs to be implemented by the client in Cloud SQL.

So both B & D are identical solutions except for the database type?

Cloud SQL seems to do a better job of the avoiding duplicates requirement & seems a better fit.

Don't see why B seems to be so popular, would have expect a bigger split on the vote. Am I missing something
upvoted 2 times

mtj2018 1 year, 3 months ago


I agree, both answers would fit the bill but I think B just shades it due to low latency requirements.
upvoted 1 times

tdotcat 1 year, 9 months ago


Selected Answer: B
B fits the case
upvoted 2 times

surajkrishnamurthy 1 year, 10 months ago


surajkrishnamurthy 1 year, 10 months ago
Selected Answer: B
B Is the Correct Answer
upvoted 2 times

megumin 1 year, 11 months ago


Selected Answer: B
B is ok
upvoted 1 times

Mahmoud_E 2 years ago


Selected Answer: B
B as its clear in the example by google [Link]
dss
upvoted 4 times

aut0pil0t 2 years, 1 month ago


Selected Answer: B
B, but should be reworded as follows for clarify.

"B. Encrypt the card data with a deterministic algorithm and store in Firestore using Datastore mode."

[Link]
dss#a_service_for_handling_sensitive_information
upvoted 4 times

AzureDP900 2 years, 3 months ago


I would go with B.
upvoted 1 times

cpi_web 2 years, 4 months ago


Hmmm. What is about the very first point low latency? Firefstore is not the one with best latency values...

[Link]
upvoted 2 times

kapara 2 years, 5 months ago


Selected Answer: D
ans is D
upvoted 1 times

mad314 2 years, 6 months ago


Selected Answer: B
Had this question on my exam.
upvoted 5 times

slars2k 2 years, 6 months ago


Considering low latency and minimal cost, will go with D.
upvoted 2 times
Load full discussion...

Platform

Home All Exams

Examtopics PRO Training Courses

You might also like