Explanation:
Correct answer is C. Authenticated Encryption with Associated Data (AEAD) provides both encryption and authentication, ensuring data confidentiality and integrity. Using AEAD functions in BigQuery allows for encrypting customer data and implementing per-user crypto-deletion by securely managing keys. This method utilizes Google Cloud's native features, avoiding the need for custom solutions.
Why the other options are incorrect:
Ultimate access to all questions.
To enhance data security, you need to encrypt customer data stored in BigQuery and implement per-user crypto-deletion. How can you use Google Cloud's native features to achieve per-user crypto-deletion for encrypted data in BigQuery?
A
Encrypt your data during ingestion by using a cryptographic library supported by your ETL pipeline.
B
Create a customer-managed encryption key (CMEK) in Cloud KMS. Use the key to encrypt data before storing in BigQuery.
C
Implement Authenticated Encryption with Associated Data (AEAD) BigQuery functions while storing your data in BigQuery.
D
Create a customer-managed encryption key (CMEK) in Cloud KMS. Associate the key to the table while creating the table.
No comments yet.