Answer-first summary for fast verification
Answer: Use customer-managed encryption keys with Cloud SQL.
To ensure that stored data in a Cloud SQL database is encrypted with your own keys, the most appropriate action is to use customer-managed encryption keys (CMEK) with Cloud SQL. This option allows you to manage and control the encryption keys used to encrypt your data at rest in Cloud SQL. Option A is not suitable because exporting data to a Cloud Storage bucket does not encrypt the data within the Cloud SQL database itself. Option B, using Cloud SQL Auth proxy, is about secure connections and does not directly relate to data encryption at rest. Option C, connecting to Cloud SQL using SSL encryption, secures data in transit but not at rest. Therefore, the correct answer is D.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
How can you encrypt sensitive data in a Cloud SQL database using your own encryption keys?
A
Export data periodically to a Cloud Storage bucket protected by Customer-Supplied Encryption Keys.
B
Use Cloud SQL Auth proxy.
C
Connect to Cloud SQL using a connection that has SSL encryption.
D
Use customer-managed encryption keys with Cloud SQL.
No comments yet.