Topic 1 Question 151
Your privacy team uses crypto-shredding (deleting encryption keys) as a strategy to delete personally identifiable information (PII). You need to implement this practice on Google Cloud while still utilizing the majority of the platform's services and minimizing operational overhead. What should you do?
Use client-side encryption before sending data to Google Cloud, and delete encryption keys on-premises.
Use Cloud External Key Manager to delete specific encryption keys.
Use customer-managed encryption keys to delete specific encryption keys.
Use Google default encryption to delete specific encryption keys.
ユーザの投票
コメント(5)
- 正解だと思う選択肢: C
C. https://cloud.google.com/sql/docs/mysql/cmek "You might have situations where you want to permanently destroy data encrypted with CMEK. To do this, you destroy the customer-managed encryption key version. You can't destroy the keyring or key, but you can destroy key versions of the key."
👍 6Random_Mane2022/09/17 - 正解だと思う選択肢: C
CMEK allows users to manage their keys on google without operation overhead of managing keys externally
�👍 3rotorclear2022/10/12 - 正解だと思う選択肢: C
C is the answer to minimise operational overhead.
👍 2zellck2022/09/26
シャッフルモード