Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Associate Data Practitioner Exam - Topic 4 Question 1 Discussion

Actual exam question for Google's Associate Data Practitioner exam
Question #: 1
Topic #: 4
[All Associate Data Practitioner Questions]

Your organization stores highly personal data in BigQuery and needs to comply with strict data privacy regulations. You need to ensure that sensitive data values are rendered unreadable whenever an employee leaves the organization. What should you do?

Show Suggested Answer Hide Answer
Suggested Answer: C

Using customer-managed encryption keys (CMEK) allows you to encrypt highly sensitive data in BigQuery with encryption keys managed by your organization. When an employee leaves the organization, you can render the data unreadable by deleting or revoking access to the encryption keys associated with the data. This approach ensures compliance with strict data privacy regulations by making the data inaccessible without the encryption keys, providing strong control over data access and security.


by Felix at Jan 22, 2025, 07:52 PM

Limited Time Offer

25%

Off

Get Premium Associate Data Practitioner Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Ryan
4 months ago
Not sure if deleting keys is enough, what if they still have access?
upvoted 0 times
...
Florinda
4 months ago
Definitely going with C, CMEK is crucial for compliance!
upvoted 0 times
...
Ira
4 months ago
Wait, can dynamic data masking really protect sensitive data like that?
upvoted 0 times
...
Micaela
4 months ago
I disagree, AEAD functions (A) seem more secure for this scenario.
upvoted 0 times
...
Maira
4 months ago
I think option C is the best choice for key management.
upvoted 0 times
...
Josephine
5 months ago
Option D seems like a good approach with column-level access controls, but I'm not confident if revoking permissions alone is enough for compliance.
upvoted 0 times
...
Carlton
5 months ago
I feel like CMEK in option C could be the right choice since deleting keys would make the data unreadable, but I need to double-check the specifics.
upvoted 0 times
...
Maile
5 months ago
I remember practicing with dynamic data masking, so option B might be relevant, but it doesn't seem like it fully addresses the data privacy issue.
upvoted 0 times
...
Mirta
5 months ago
I think option A sounds familiar, but I'm not entirely sure how AEAD functions work in this context.
upvoted 0 times
...
Lashonda
5 months ago
AEAD functions and key deletion sounds promising. I'll make sure to double-check the details on that approach.
upvoted 0 times
...
Miss
5 months ago
Dynamic data masking could be a good solution, but I'm not sure if that fully addresses the requirement to render the data unreadable.
upvoted 0 times
...
Kina
5 months ago
Okay, I think I've got it. Using CMEK and deleting the keys when employees leave seems like the most secure option.
upvoted 0 times
...
Xochitl
5 months ago
Hmm, I'm a bit confused by the question. Let me re-read it and see if I can figure out the best approach.
upvoted 0 times
...
Jacklyn
5 months ago
This seems like a tricky one. I'll need to think through the different options carefully.
upvoted 0 times
...
Margarita
1 year ago
Ooh, tricky one. I'm leaning towards B. Revoking permissions is a must, and dynamic masking is a nice extra layer of protection.
upvoted 0 times
...
Annita
1 year ago
Ha! Reminds me of that time I accidentally deleted a whole database by mistake. Anyway, I'm going with D - gotta love those policy tags!
upvoted 0 times
Mirta
1 year ago
Yeah, policy tags are great for controlling access to sensitive data.
upvoted 0 times
...
Claribel
1 year ago
I think D is a good choice too, policy tags can be really helpful.
upvoted 0 times
...
...
Nilsa
1 year ago
I'd say C is the answer. Deleting the encryption keys is the best way to make the data unreadable when employees leave.
upvoted 0 times
Olen
12 months ago
I agree with you, A sounds like the most secure option for protecting sensitive data.
upvoted 0 times
...
Florinda
1 year ago
I think A is the best option. Using AEAD functions and deleting keys ensures data security.
upvoted 0 times
...
...
Sharika
1 year ago
I think using customer-managed encryption keys and deleting keys is the best way to go.
upvoted 0 times
...
Armando
1 year ago
I'm not sure, I think using dynamic data masking could also be a good solution.
upvoted 0 times
...
Danilo
1 year ago
I agree with Kenneth, that seems like the most secure option.
upvoted 0 times
...
Denny
1 year ago
Definitely D. Dynamic data masking and AEAD functions are good, but policy tags and access controls give you the most control.
upvoted 0 times
Annmarie
1 year ago
I think using a combination of column-level access controls and CMEK would be the most secure option.
upvoted 0 times
...
Arminda
1 year ago
That's true, CMEK could provide an extra layer of security for the sensitive data.
upvoted 0 times
...
Margo
1 year ago
But wouldn't using customer-managed encryption keys (CMEK) also be a good way to protect the data?
upvoted 0 times
...
Roselle
1 year ago
I agree, D seems like the best option for controlling access to sensitive data.
upvoted 0 times
...
...
Jerrod
1 year ago
Hmm, I think D is the way to go. Seems like the most robust solution to ensure data privacy.
upvoted 0 times
Jutta
1 year ago
I think A might also be a good option to consider for ensuring data privacy.
upvoted 0 times
...
Dalene
1 year ago
I agree, D does seem like a robust solution to protect sensitive data.
upvoted 0 times
...
...
Kenneth
1 year ago
I think we should use AEAD functions and delete keys when employees leave.
upvoted 0 times
...

Save Cancel