Google Professional Cloud Security Engineer
Get started today
Ultimate access to all questions.
Comments
Loading comments...
Ultimate access to all questions.
Your organization has been storing files in Cloud Storage using Google-Managed Encryption Keys (GMEK). Due to a new internal policy, you must now use Customer-Managed Encryption Keys (CMEK). You need to re-encrypt the existing files quickly, efficiently, and at minimal cost.
What should you do?
A
Reupload the files to the same Cloud Storage bucket specifying a key file by using gsutil.
B
Encrypt the files locally, and then use gsutil to upload the files to a new bucket.
C
Copy the files to a new bucket with CMEK enabled in a secondary region.
D
Change the encryption type on the bucket to CMEK, and rewrite the objects.