Answer-first summary for fast verification
Answer: Encrypt the card data with a deterministic algorithm stored in Firestore using Datastore mode.
The correct answer is B: Encrypt the card data with a deterministic algorithm stored in Firestore using Datastore mode. This is because using a deterministic algorithm allows for identifying duplicate credit cards without storing plaintext card numbers, satisfying the requirement of not storing plain text. Firestore in Datastore mode supports this functionality while providing low latency at a minimal cost. Additionally, Firestore can scale to millions of writes per second, making it an efficient choice for a high-volume service like the one needed by HRL. The deterministic encryption ensures that the same input yields the same encrypted output, assisting in the identification of duplicates while maintaining security.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
Based on the Helicopter Racing League (HRL) case study, your team is in charge of creating a payment card data vault for card numbers used to bill tens of thousands of viewers, merchandise consumers, and season ticket holders. HRL wants to expand their predictive capabilities and reduce latency for their viewers in emerging markets. You need to implement a custom card tokenization service that meets the following requirements: * It must provide low latency at minimal cost. * It must be able to identify duplicate credit cards and must not store plaintext card numbers. * It should support annual key rotation. Which storage approach should you adopt for your tokenization service?
A
Store the card data in Secret Manager after running a query to identify duplicates.
B
Encrypt the card data with a deterministic algorithm stored in Firestore using Datastore mode.
C
Encrypt the card data with a deterministic algorithm and shard it across multiple Memorystore instances.
D
Use column-level encryption to store the data in Cloud SQL.