Google Cloud Professional Cloud Security Engineer Practice Exam

What should an organization do to maintain compliance when operating workloads in specific geographical regions?

• A. Store logs in a central location in the US
• B. Use cloud resources in the same region as the data
• C. Enable cross-region access for all services
• D. Deploy resources in multiple regions for redundancy

The correct answer is: Use cloud resources in the same region as the data

Using cloud resources in the same region as the data is essential for maintaining compliance when operating workloads in specific geographical areas. Many regulations, such as GDPR or CCPA, stipulate that data must be processed and stored within specific jurisdictions to ensure legal protections align with the local laws. By utilizing cloud services and resources that are located in the same region as the data, organizations can better ensure they are adhering to these legal requirements, minimizing the risk of unintentional data transfers that could violate compliance regulations. This approach not only helps in meeting regulatory requirements but also improves latency and performance for users accessing the data and applications, as data remains close to where it is generated and consumed. Additionally, localized resource usage can facilitate adherence to data sovereignty principles, which dictate that data is subject to the laws of the region in which it is located. In contrast, other options may not support compliance efforts. For example, storing logs in a central location in the US could lead to issues if the data being logged is subject to specific regional regulations that require local storage. Enabling cross-region access for all services could increase risk regarding data sovereignty and compliance, as data may traverse jurisdictions without proper controls. Deploying resources in multiple regions for redundancy, while beneficial for disaster recovery and availability