Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Free Resources

Difficulty IndexLearn — Free ChaptersIT GlossaryFree Tools & LabsStudy GuidesCareer RoadmapsBrowse by VendorCisco Command ReferenceCCNA Scenarios

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

← Supporting Compliance Requirements practice sets

PCSE Supporting Compliance Requirements • Complete Question Bank

PCSE Supporting Compliance Requirements — All Questions With Answers

Complete PCSE Supporting Compliance Requirements question bank — all 0 questions with answers and detailed explanations.

75
Questions
Free
No signup
Certifications/PCSE/Practice Test/Supporting Compliance Requirements/All Questions
Question 1mediummultiple choice
Read the full Supporting Compliance Requirements explanation →

A healthcare organization is required to protect Protected Health Information (PHI) stored in Cloud Storage. They want to automatically detect and redact PHI before storing it. Which Google Cloud service should they use?

Question 2mediummultiple choice
Read the full Supporting Compliance Requirements explanation →

A company needs to retain audit logs for 7 years to meet compliance requirements. By default, Cloud Audit Logs are retained for 30 days. What should they do to retain the logs for 7 years?

Question 3hardmultiple choice
Read the full Supporting Compliance Requirements explanation →

A financial institution is deploying a payment application on GKE that must comply with PCI DSS. They need to isolate the cardholder data environment (CDE) from other workloads and ensure only authorized services can communicate. Which combination of controls should they implement?

Question 4mediummultiple choice
Read the full Supporting Compliance Requirements explanation →

An organization handles ITAR-controlled data and must restrict Google personnel access to the underlying infrastructure. Which Google Cloud product should they use to enforce this restriction?

Question 5easymultiple choice
Read the full Supporting Compliance Requirements explanation →

A company must implement a data retention policy that prevents any modification or deletion of stored log files for 5 years. Which Cloud Storage feature should they use?

Question 6mediummultiple choice
Read the full Supporting Compliance Requirements explanation →

A company processes personal data of European Union residents on GCP. They need to ensure that data processing is limited to specific purposes and that data subjects can exercise their rights (access, rectification, erasure). Which actions should they take to comply with GDPR?

Question 7mediummultiple choice
Read the full Supporting Compliance Requirements explanation →

A security engineer wants to test a web application hosted on Compute Engine for vulnerabilities. According to Google Cloud's Acceptable Use Policy, which of the following is true regarding penetration testing?

Question 8hardmultiple choice
Read the full Supporting Compliance Requirements explanation →

A company using BigQuery for analytics needs to comply with the right to be forgotten (erasure) under GDPR. A data subject requests deletion of their personal data. What is the correct approach to delete data from BigQuery audit logs that contain the data subject's information?

Question 9easymultiple choice
Read the full Supporting Compliance Requirements explanation →

Which Google Cloud compliance certification requires the customer to sign a Business Associate Agreement (BAA) with Google?

Question 10mediummultiple choice
Read the full Supporting Compliance Requirements explanation →

A government contractor needs to deploy workloads on GCP that meet FedRAMP High baseline requirements. They want to enforce resource location restrictions and access controls for Google personnel. Which product should they use?

Question 11easymultiple choice
Read the full Supporting Compliance Requirements explanation →

Which of the following is a customer responsibility under the Google Cloud shared responsibility model?

Question 12hardmultiple choice
Read the full Supporting Compliance Requirements explanation →

A company wants to enforce that all Cloud Storage buckets created in their organization have a retention policy for compliance. If a bucket is created without a retention policy, it should be automatically remediated. Which approach should they use?

Question 13mediummulti select
Read the full Supporting Compliance Requirements explanation →

A company is migrating a PCI DSS-compliant application to GCP. They need to meet encryption requirements for cardholder data. Which TWO options satisfy PCI DSS encryption requirements? (Choose two.)

Question 14hardmulti select
Read the full Supporting Compliance Requirements explanation →

An organization must comply with ITAR regulations. They use Assured Workloads with the ITAR regime. Which THREE controls are automatically enforced by this regime? (Choose three.)

Question 15mediummulti select
Read the full Supporting Compliance Requirements explanation →

A company processes healthcare data and has signed a BAA with Google Cloud. They need to implement controls for HIPAA compliance. Which THREE actions should they take? (Choose three.)

Question 16mediummultiple choice
Read the full Supporting Compliance Requirements explanation →

A healthcare organization is migrating to Google Cloud and needs to store Protected Health Information (PHI) while maintaining HIPAA compliance. They have executed a Business Associate Agreement (BAA) with Google. Which additional step is required to ensure that PHI is properly classified and protected?

Question 17mediummultiple choice
Read the full Supporting Compliance Requirements explanation →

A financial institution must store audit logs for 7 years to comply with PCI DSS requirements. By default, Cloud Audit Logs are retained for 30 days. What is the most cost-effective way to retain audit logs for 7 years?

Question 18hardmultiple choice
Read the full Supporting Compliance Requirements explanation →

A company subject to EU GDPR must implement the right to erasure (right to be forgotten) for personal data stored in BigQuery audit logs. The logs include query text that may contain personally identifiable information (PII). What is the correct approach to anonymize or delete PII from BigQuery audit logs?

Question 19mediummultiple choice
Read the full Supporting Compliance Requirements explanation →

A government contractor needs to deploy a workload on Google Cloud that complies with FedRAMP High and ITAR (International Traffic in Arms Regulations). They require that Google personnel cannot access the infrastructure and that data residency is restricted to the United States. Which Google Cloud solution should they use?

Question 20easymultiple choice
Read the full Supporting Compliance Requirements explanation →

Which Google Cloud service provides the ability to enforce data retention policies on Cloud Storage objects to prevent deletion or modification for a specified duration?

Question 21hardmultiple choice
Read the full Supporting Compliance Requirements explanation →

A company must process credit card transactions on Google Cloud and achieve PCI DSS compliance. They want to minimize the scope of the cardholder data environment (CDE). Which architectural approach should they take?

Question 22mediummultiple choice
Read the full Supporting Compliance Requirements explanation →

A company needs to ensure that all data stored in Cloud Storage is encrypted at rest using keys that they generate and manage themselves. They also need to rotate the keys every 90 days. Which encryption option should they use?

Question 23mediummultiple choice
Read the full Supporting Compliance Requirements explanation →

A security engineer needs to audit changes to IAM policies across their Google Cloud organization. Which audit log type should they enable to capture IAM policy changes?

Question 24easymultiple choice
Read the full Supporting Compliance Requirements explanation →

Which Google Cloud service is specifically designed to help customers meet compliance requirements by creating a folder with pre-defined organization policies, resource location restrictions, and access controls?

Question 25hardmultiple choice
Read the full Supporting Compliance Requirements explanation →

A multinational corporation uses Google Cloud and must comply with GDPR. They want to process personal data for a new purpose that was not originally disclosed to data subjects. What is the correct course of action under GDPR?

Question 26easymultiple choice
Read the full Supporting Compliance Requirements explanation →

A security team wants to monitor for compliance drift in an Assured Workloads folder that enforces FedRAMP High controls. Which Google Cloud service should they use to detect violations of organization policies?

Question 27mediummultiple choice
Read the full Supporting Compliance Requirements explanation →

A company is required to perform penetration testing on their Google Cloud infrastructure. According to Google Cloud's policy, which statement is true regarding penetration testing?

Question 28hardmulti select
Read the full Supporting Compliance Requirements explanation →

A healthcare company stores de-identified patient data in BigQuery for analytics. They must comply with HIPAA and ensure that re-identification is not possible. They also need to be able to join data on a per-patient basis for longitudinal studies. Which TWO strategies should they implement? (Choose 2)

Question 29mediummulti select
Read the full Supporting Compliance Requirements explanation →

A company is designing a PCI DSS-compliant environment on Google Cloud. They need to isolate the cardholder data environment (CDE) and log all access to it. Which THREE actions should they take? (Choose 3)

Question 30mediummulti select
Read the full Supporting Compliance Requirements explanation →

A multinational company must comply with GDPR and needs to ensure that personal data is processed in a manner that respects data subject rights. Which TWO of the following are required under GDPR? (Choose 2)

Question 31mediummultiple choice
Read the full Supporting Compliance Requirements explanation →

A healthcare organization is migrating to Google Cloud and needs to store Protected Health Information (PHI) in Cloud Storage. They have signed a Business Associate Agreement (BAA) with Google. Which additional step is REQUIRED to ensure HIPAA compliance for the data stored?

Question 32mediummultiple choice
Read the full Supporting Compliance Requirements explanation →

A financial institution is deploying a PCI DSS-compliant web application on Google Cloud. They need to isolate the cardholder data environment (CDE) from other environments and protect the web application against common web attacks. Which combination of services meets these requirements?

Question 33hardmultiple choice
Read the full Supporting Compliance Requirements explanation →

A company is using Assured Workloads to enforce FEDRAMP_HIGH compliance. They need to ensure that only US-based personnel from Google can access their data. Which configuration setting within the Assured Workloads folder should they enable?

Question 34mediummultiple choice
Read the full Supporting Compliance Requirements explanation →

A data subject requests the deletion of their personal data from a Google Cloud project under GDPR. This data is stored in BigQuery audit logs that are retained for 30 days by default. What is the correct approach to fulfill this request?

Question 35easymultiple choice
Read the full Supporting Compliance Requirements explanation →

Which Google Cloud service can automatically classify and de-identify sensitive data such as credit card numbers and health records before it is stored in Cloud Storage?

Question 36mediummultiple choice
Read the full Supporting Compliance Requirements explanation →

A company needs to store financial records for 7 years to meet regulatory requirements. They want to ensure that once written, the records cannot be modified or deleted by anyone, including cloud administrators. Which Cloud Storage feature should they enable?

Question 37mediummultiple choice
Read the full Supporting Compliance Requirements explanation →

A security engineer needs to run a penetration test against their Google Cloud environment. According to Google's Acceptable Use Policy, which of the following is true regarding penetration testing?

Question 38hardmultiple choice
Read the full Supporting Compliance Requirements explanation →

A company is implementing GDPR compliance and wants to ensure that personal data is pseudonymized in BigQuery. They plan to use Cloud DLP to tokenize data before loading. Which approach should they take to minimize changes to existing SQL queries?

Question 39mediummultiple choice
Read the full Supporting Compliance Requirements explanation →

A healthcare organization needs to ensure that all access to ePHI in Cloud SQL is logged for HIPAA compliance. They have enabled audit logs. What additional step is required to ensure logs are retained for at least one year?

Question 40hardmultiple choice
Read the full Supporting Compliance Requirements explanation →

An organization is using Assured Workloads to enforce ITAR compliance. They need to ensure that all resources are deployed in specific US regions and that Google personnel access is restricted. They also want to monitor for any configuration changes that violate compliance policies. Which service should they use for monitoring compliance drift?

Question 41easymultiple choice
Read the full Supporting Compliance Requirements explanation →

Which Google Cloud compliance certification is most relevant for a company that processes credit card transactions and needs to demonstrate secure handling of cardholder data?

Question 42easymultiple choice
Read the full Supporting Compliance Requirements explanation →

A company wants to encrypt data at rest in Cloud Storage using their own keys. Which Cloud service should they use to manage these keys?

Question 43mediummulti select
Read the full Supporting Compliance Requirements explanation →

A company is deploying a PCI DSS-compliant application on Google Cloud. They need to ensure that the cardholder data environment (CDE) is isolated and that only authorized services can communicate. Which TWO services should they use? (Choose 2)

Question 44hardmulti select
Read the full Supporting Compliance Requirements explanation →

A financial institution needs to comply with GDPR data subject rights. They must ensure that personal data in BigQuery can be anonymized for analytics while still allowing joins on pseudonymized identifiers. Which THREE services or features should they consider? (Choose 3)

Question 45mediummulti select
Read the full Supporting Compliance Requirements explanation →

A company is using Assured Workloads with the FEDRAMP_HIGH regime. They need to restrict where resources can be created and monitor for compliance violations. Which TWO settings should they configure? (Choose 2)

Question 46mediummultiple choice
Read the full Supporting Compliance Requirements explanation →

A healthcare organization is migrating workloads to Google Cloud and needs to process Protected Health Information (PHI) under HIPAA. Which step is required before storing PHI in any GCP service?

Question 47easymultiple choice
Read the full Supporting Compliance Requirements explanation →

A financial institution is required to retain records of all transactions for 7 years under regulatory compliance. They are using Cloud Storage for archive data and need to ensure that objects cannot be deleted or overwritten during the retention period. Which feature should they use?

Question 48hardmultiple choice
Read the full Supporting Compliance Requirements explanation →

A company is deploying a PCI DSS-compliant application on Google Cloud. They need to ensure that the Cardholder Data Environment (CDE) is isolated from other resources and that only authorized services can communicate with it. Which combination of controls should they implement?

Question 49mediummultiple choice
Read the full Supporting Compliance Requirements explanation →

A company subject to GDPR receives a request from a data subject to delete all personal data from BigQuery audit logs. The logs contain query execution details with user identifiers. How can the company comply with the right to erasure (right to be forgotten)?

Question 50easymultiple choice
Read the full Supporting Compliance Requirements explanation →

A company using Google Cloud wants to conduct a penetration test on their infrastructure. According to Google's acceptable use policy, what must they do before testing?

Question 51mediummultiple choice
Read the full Supporting Compliance Requirements explanation →

A company handles Controlled Unclassified Information (CUI) and needs to deploy a workload that complies with ITAR (International Traffic in Arms Regulations). They plan to use Assured Workloads. Which compliance regime should they select when creating the Assured Workloads folder?

Question 52mediummultiple choice
Read the full Supporting Compliance Requirements explanation →

A company is using BigQuery to store analytics data and wants to ensure that data is retained for exactly 365 days after ingestion, then automatically deleted. How can they achieve this with minimal operational overhead?

Question 53mediummultiple choice
Read the full Supporting Compliance Requirements explanation →

A company needs to store audit logs for a minimum of 5 years to meet compliance requirements. Cloud Logging retains logs for 30 days by default. Which approach should they take?

Question 54hardmultiple choice
Read the full Supporting Compliance Requirements explanation →

A company has deployed an application in Assured Workloads with the FEDRAMP_HIGH compliance regime. They need to ensure that Google Cloud personnel cannot access their data. Which additional control should they enable?

Question 55easymultiple choice
Read the full Supporting Compliance Requirements explanation →

A company wants to ensure that data stored in Cloud Storage is encrypted at rest using keys that they generate and manage on-premises. Which encryption method should they use?

Question 56mediummultiple choice
Read the full Supporting Compliance Requirements explanation →

A company is subject to PCI DSS and needs to protect a web application that processes credit card data. They want to block common web attacks such as SQL injection and cross-site scripting (XSS). Which Google Cloud service should they use?

Question 57hardmultiple choice
Read the full Supporting Compliance Requirements explanation →

A company is using Assured Workloads to meet EU data residency requirements (EU_REGIONS_AND_SUPPORT). They want to monitor compliance drift when changes are made to the environment. Which service should they use?

Question 58mediummulti select
Read the full Supporting Compliance Requirements explanation →

A company needs to implement data pseudonymisation to comply with GDPR. They are using BigQuery for analytics. Which TWO services can help them pseudonymise data in transit before it enters BigQuery?

Question 59hardmulti select
Read the full Supporting Compliance Requirements explanation →

A company is deploying a workload that must comply with FedRAMP High. They are using Assured Workloads. Which THREE controls are automatically enabled when they select the FEDRAMP_HIGH regime?

Question 60mediummulti select
Read the full Supporting Compliance Requirements explanation →

A company is implementing PCI DSS compliance on Google Cloud. They need to ensure that cardholder data is encrypted in transit and at rest. Which TWO encryption controls are required by PCI DSS?

Question 61mediummultiple choice
Read the full Supporting Compliance Requirements explanation →

A healthcare organization is migrating PHI workloads to Google Cloud and needs to encrypt data at rest with keys that are generated and managed within their own on-premises hardware security module (HSM). Which encryption approach should they use?

Question 62easymultiple choice
Read the full Supporting Compliance Requirements explanation →

A company needs to retain critical financial records for 7 years to comply with SEC regulations. They choose to store the records in Cloud Storage. Which feature should they enable to ensure the records cannot be deleted or overwritten before the retention period expires?

Question 63hardmultiple choice
Read the full Supporting Compliance Requirements explanation →

A multinational company is using Assured Workloads to meet EU_Regions_and_Support compliance. They need to ensure that only EU-based Google personnel can access the customer's data for support purposes. Which configuration should they enable?

Question 64hardmultiple choice
Read the full Supporting Compliance Requirements explanation →

A financial institution is deploying a PCI DSS-compliant cardholder data environment (CDE) on Google Cloud. They need to segment the CDE from other environments and restrict data egress from the CDE. Which two services should they use together? (Choose the best combination.)

Question 65mediummultiple choice
Read the full Supporting Compliance Requirements explanation →

An organization wants to run a penetration test on their Google Cloud environment to validate security controls. According to Google's Acceptable Use Policy, which of the following is true regarding penetration testing?

Question 66easymultiple choice
Read the full Supporting Compliance Requirements explanation →

A company that stores protected health information (PHI) in Google Cloud wants to run a BigQuery query to identify and classify sensitive data such as patient names and social security numbers. Which Google Cloud service should they use?

Question 67mediummultiple choice
Read the full Supporting Compliance Requirements explanation →

An organization subject to GDPR receives a data subject request for erasure ('right to be forgotten'). The data subject's information is stored in BigQuery audit logs. What is the implication for the audit logs, and what should the organization do?

Question 68hardmultiple choice
Read the full Supporting Compliance Requirements explanation →

A company using Assured Workloads with the FedRAMP High compliance regime wants to monitor for configuration changes that could cause the environment to become non-compliant. Which tool should they use to detect compliance drift?

Question 69mediummulti select
Read the full Supporting Compliance Requirements explanation →

A company is implementing a HIPAA-compliant environment on Google Cloud. They need to ensure that all access to protected health information (PHI) is logged and monitored. Which TWO steps should they take? (Choose two.)

Question 70mediummulti select
Read the full Supporting Compliance Requirements explanation →

A company subject to PCI DSS is building a cardholder data environment (CDE) on Google Cloud. They need to encrypt cardholder data at rest and in transit. Which THREE measures should they implement? (Choose three.)

Question 71hardmulti select
Read the full Supporting Compliance Requirements explanation →

A company uses Assured Workloads with the FEDRAMP_HIGH regime. They want to enforce resource location restrictions and restrict Google personnel access. Which TWO capabilities should they enable? (Choose two.)

Question 72easymulti select
Read the full Supporting Compliance Requirements explanation →

A company needs to comply with GDPR requirements for data subject rights. They must be able to provide data subjects with access to their personal data and rectify inaccuracies. Which TWO Google Cloud services can assist with these requirements? (Choose two.)

Question 73mediummulti select
Read the full Supporting Compliance Requirements explanation →

A company is implementing a data retention policy to comply with regulatory requirements. They need to retain certain BigQuery data for 7 years and ensure it cannot be deleted before the retention period ends. Which THREE steps should they take? (Choose three.)

Question 74hardmulti select
Read the full Supporting Compliance Requirements explanation →

A company is designing a PCI DSS-compliant architecture on Google Cloud. They need to ensure that the cardholder data environment (CDE) is isolated from other environments and that all access to the CDE is logged. Which THREE controls should they implement? (Choose three.)

Question 75easymulti select
Read the full Supporting Compliance Requirements explanation →

A company is subject to SOC 2 compliance and wants to demonstrate that they have implemented proper access controls on Google Cloud. Which TWO IAM best practices should they follow? (Choose two.)

Practice tests

Scored 10-question sessions with instant feedback and explanations.

PCSE Practice Test 1 — 25 Questions→PCSE Practice Test 2 — 25 Questions→PCSE Practice Test 3 — 25 Questions→PCSE Practice Test 4 — 25 Questions→PCSE Practice Test 5 — 25 Questions→PCSE Practice Exam 1 — 20 Questions→PCSE Practice Exam 2 — 20 Questions→PCSE Practice Exam 3 — 20 Questions→PCSE Practice Exam 4 — 20 Questions→Free PCSE Practice Test 1 — 30 Questions→Free PCSE Practice Test 2 — 30 Questions→Free PCSE Practice Test 3 — 30 Questions→PCSE Practice Questions 1 — 50 Questions→PCSE Practice Questions 2 — 50 Questions→PCSE Exam Simulation 1 — 100 Questions→

Practice by domain

Each domain maps to a weighted exam section. Focus on the domain where you are weakest.

Configuring Access Within a Cloud Solution EnvironmentEnsuring Data ProtectionManaging Operations in a Cloud Solution EnvironmentConfiguring Network SecuritySupporting Compliance Requirements

Practice by scenario

Filter questions by type — troubleshooting, exhibit, drag-and-drop, PBQ, ACLs, OSPF, and more.

Browse scenarios→

Continue studying

All Supporting Compliance Requirements setsAll Supporting Compliance Requirements questionsPCSE Practice Hub