Ultimate access to all questions.
Upgrade Now 🚀
Sign in to unlock AI tutor
You have a BigQuery table that receives data from a Pub/Sub subscription, encrypted with a Google-managed key. A new policy requires using keys from a centralized Cloud KMS project for data at rest encryption in BigQuery. How should you comply?
A
Use Cloud KMS encryption key with Dataflow to ingest the existing Pub/Sub subscription to the existing BigQuery table.
B
Create a new BigQuery table with customer-managed encryption keys (CMEK), and migrate the data from the old BigQuery table.
C
Create a new Pub/Sub topic with CMEK and use the existing BigQuery table with Google-managed encryption key.
D
Create a new BigQuery table and Pub/Sub topic with customer-managed encryption keys (CMEK), and migrate the data from the old BigQuery table.
