Answer-first summary for fast verification
Answer: Use the Cloud Data Loss Prevention API to redact related infoTypes before data is ingested into BigQuery.
The correct answer is B because the Cloud Data Loss Prevention (DLP) API is specifically designed to detect and redact sensitive information like credit card numbers before data ingestion into BigQuery, ensuring proactive prevention of sensitive data storage. Option A is reactive and less efficient, as it involves querying and deleting data after storage. Option C uses Security Command Center for scanning but does not prevent storage; it only identifies existing sensitive data. Option D (Cloud Identity-Aware Proxy) is unrelated, as it controls access to applications rather than data redaction. The community discussion strongly supports B, with high upvotes and references to Google's documentation on using DLP with BigQuery.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
No comments yet.
A company is running its webshop on Google Kubernetes Engine and wants to analyze customer transactions in BigQuery. You need to ensure that no credit card numbers are stored in BigQuery. What should you do?
A
Create a BigQuery view with regular expressions matching credit card numbers to query and delete affected rows.
B
Use the Cloud Data Loss Prevention API to redact related infoTypes before data is ingested into BigQuery.
C
Leverage Security Command Center to scan for the assets of type Credit Card Number in BigQuery.
D
Enable Cloud Identity-Aware Proxy to filter out credit card numbers before storing the logs in BigQuery.