A company needs to comply with the General Data Protection Regulation (GDPR). They are using BigQuery to store personal data. Which THREE measures should they implement to meet GDPR requirements?
Audit logs are necessary for demonstrating compliance.
Why this answer
Option A is correct because Cloud Audit Logs provide a comprehensive, immutable record of all administrative and data access activities in BigQuery, which is essential for demonstrating GDPR compliance through accountability and traceability. By enabling audit logs, the company can track who accessed personal data, when, and from where, fulfilling the GDPR requirement to maintain records of processing activities.
Exam trap
Google Cloud often tests the misconception that encryption (like Cloud KMS) is a primary GDPR measure for BigQuery, when in reality BigQuery's default encryption already meets encryption requirements, and the focus should be on access control, auditability, and data lifecycle management.