Topic 1 Question 55
Your organization stores highly personal data in BigQuery and needs to comply with strict data privacy regulations. You need to ensure that sensitive data values are rendered unreadable whenever an employee leaves the organization. What should you do?
Use AEAD functions and delete keys when employees leave the organization.
Use dynamic data masking and revoke viewer permissions when employees leave the organization.
Use customer-managed encryption keys (CMEK) and delete keys when employees leave the organization.
Use column-level access controls with policy tags and revoke viewer permissions when employees leave the organization.
ユーザの投票
コメント(4)
- 正解だと思う選択肢: A
With AEAD, we can target specific fields and ensure that only sensitive data is affected when an employee leaves, which is more efficient than locking down the entire dataset using CMEK.
👍 2SaquibHerman2025/02/19 - 正解だと思う選択肢: A
AEAD looks the best option here.
👍 1a_vi2025/01/27 - 正解だと思う選択肢: D
You don't delete data record keys (row, tags, columns, KMS, etc..) when an employee leaves the company as that will make the data unusable for everyone who remains. That means that A and C are plain wrong. Using policy tags and removing viewer access to data tagged as sensitive is the easiest answer.
👍 1rich_maverick2025/02/27
シャッフルモード