You are designing a Data Warehouse on Google Cloud and want to store sensitive data in BigQuery. Due to stringent security policies, your company requires you to generate the encryption keys outside of Google Cloud. This ensures that the encryption keys are managed and controlled internally before being utilized within Google Cloud services. You need to implement a solution that adheres to these requirements. What should you do?

Exam-Like

Generate a new key in Cloud Key Management Service (Cloud KMS). Store all data in Cloud Storage using the customer-managed key option and select the created key. Set up a Dataflow pipeline to decrypt the data and to store it in a new BigQuery dataset.

11.1%

Generate a new key in Cloud KMS. Create a dataset in BigQuery using the customer-managed key option and select the created key.

9.0%

Import a key in Cloud KMS. Store all data in Cloud Storage using the customer-managed key option and select the created key. Set up a Dataflow pipeline to decrypt the data and to store it in a new BigQuery dataset.

19.6%

Import a key in Cloud KMS. Create a dataset in BigQuery using the customer-supplied key option and select the created key.

60.3%

Google Professional Cloud Architect

Get started today

Comments