G Professional Collaboration Engineer Practice Exam

To secure highly sensitive data and prevent unauthorized sharing, which configuration should be implemented?

• A. Turn on external sharing with whitelisted domains.
• B. Provision accounts within your domain for external users.
• C. Create a Team Drive for this engagement and limit memberships.
• D. Configure the Drive DLP rules to prevent sharing of PII and PHI.

The correct answer is: Create a Team Drive for this engagement and limit memberships.

The option regarding creating a Team Drive for this engagement and limiting memberships is particularly effective for securing highly sensitive data and preventing unauthorized sharing. Team Drives, now often referred to as Shared Drives, provide a way to manage permissions and access tightly within a defined group of users. By limiting memberships, you ensure that only those individuals who absolutely need access to the sensitive data can reach it. This helps to mitigate the risk of unauthorized users gaining entry and sharing data without permission. Additionally, because Shared Drives focus on team-based ownership, the data remains within the organization rather than being tied to individual users, which enhances security and control over sensitive information. You can specify granular permissions for different members, ensuring that sensitive data is shared strictly among those who require it for their roles or projects, thereby adhering to compliance and security protocols. While other options do provide some level of security, they may not be as robust as limiting access through a dedicated Team Drive with strict membership controls. For instance, whitelisting domains may allow some external sharing, which does not align with the goal of securing highly sensitive data. Provisioning accounts for external users also introduces a potential risk by expanding access. Configuring Drive DLP rules is essential for data protection, but it operates reactively once data