Topic 1 Question 110
Your organization works with sensitive data that requires you to manage your own encryption keys. You are working on a project that stores that data in a Cloud SQL database. You need to ensure that stored data is encrypted with your keys. What should you do?
Export data periodically to a Cloud Storage bucket protected by Customer-Supplied Encryption Keys.
Use Cloud SQL Auth proxy.
Connect to Cloud SQL using a connection that has SSL encryption.
Use customer-managed encryption keys with Cloud SQL.
ユーザの投票
コメント(3)
- 正解だと思う選択肢: D
Standard CMEK quiestion, D
👍 3chelbsik2022/12/26 D. By stored data, we assume it means stored in the database so there’s no point in exporting it to encrypt it. A is wrong. Cloud SQL Auth Proxy is about secure connections to Cloud SQL, not encrypted data. B is wrong and so is C for the same reason. That leaves D. Just use CMEK when you create the instance.
👍 2dynamic_dba2023/03/16D: Use customer-managed encryption keys *** with Cloud SQL. How do I encrypt a SQL database? Enable Transparent Data Encryption (TDE)
Create a master key. Create or obtain a certificate protected by the master key. Create a database encryption key and protect it by using the certificate. Set the database to use encryption.
👍 1pk3492022/12/24
シャッフルモード