Answer-first summary for fast verification
Answer: Implement Authenticated Encryption with Associated Data (AEAD) BigQuery functions while storing your data in BigQuery.
The correct answer is A. Implementing Authenticated Encryption with Associated Data (AEAD) BigQuery functions while storing your data in BigQuery allows you to encrypt specific data fields using a unique key per user. By managing these keys outside of BigQuery, you can effectively revoke access to a user's key, making their data unreadable and achieving crypto-deletion. This approach utilizes native features in Google Cloud without requiring custom solutions.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
As a Data Engineer, you are tasked with ensuring the security and privacy of customer data stored in Google BigQuery. Specifically, you need to encrypt the data and implement per-user crypto-deletion, allowing for the secure deletion of specific user data. Your goal is to leverage native Google Cloud features to achieve this, avoiding any bespoke or custom-built solutions. How should you proceed to meet these requirements?
A
Implement Authenticated Encryption with Associated Data (AEAD) BigQuery functions while storing your data in BigQuery.
B
Create a customer-managed encryption key (CMEK) in Cloud KMS. Associate the key to the table while creating the table.
C
Create a customer-managed encryption key (CMEK) in Cloud KMS. Use the key to encrypt data before storing in BigQuery.
D
Encrypt your data during ingestion by using a cryptographic library supported by your ETL pipeline.
No comments yet.