Topic 1 Question 38
A customer's internal security team must manage its own encryption keys for encrypting data on Cloud Storage and decides to use customer-supplied encryption keys (CSEK). How should the team complete this task?
Upload the encryption key to a Cloud Storage bucket, and then upload the object to the same bucket.
Use the gsutil command line tool to upload the object to Cloud Storage, and specify the location of the encryption key.
Generate an encryption key in the Google Cloud Platform Console, and upload an object to Cloud Storage using the specified key.
Encrypt the object, then use the gsutil command line tool or the Google Cloud Platform Console to upload the object to Cloud Storage.
ユーザの投票
コメント(17)
Ans : B. Because if you encrypt the object using CSEK, then you can't use google cloud console to upload the object.
👍 11DebasishLowes2021/03/11The fact is, both B & D would work. I lean towards B because it allows you to manage the file using GCP tools later as long as you keep that key around.
B is definitely incomplete though, as the boto file does need to be updated.
👍 7FatCharlie2020/11/25Ans - D
👍 4[Removed]2020/10/30
シャッフルモード