Your company is planning to store sensitive PII data in a cloud storage bucket. The compliance department prefers not to use Google-managed keys for encrypting this sensitive PII data and has requested that all new objects uploaded to this bucket be encrypted using customer-managed encryption keys. Which actions should you take? (Select Three)

Real Exam

Modify .boto configuration to include encryption_key = [KEY_RESOURCE] when uploading objects to bucket.

21.1%

In the bucket advanced settings, select the Customer-managed key and then select a Cloud KMS encryption key.

31.6%

Use gsutil with --encryption-key=[ENCRYPTION_KEY] when uploading objects to the bucket._

13.2%

Use gsutil with -o "GSUtil:encryption_key=[KEY_RESOURCE]" when uploading objects to the bucket.

31.6%

In the bucket advanced settings, select the Customer-supplied key and then select a Cloud KMS encryption key.

2.6%

Google Associate Cloud Engineer