ExamTopics Logo
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Associate Data Practitioner All Questions

View all questions & answers for the Associate Data Practitioner exam
Go to Exam

Exam Associate Data Practitioner topic 1 question 55 discussion

Actual exam question from Google's Associate Data Practitioner
Question #: 55
Topic #: 1
[All Associate Data Practitioner Questions]

Your organization stores highly personal data in BigQuery and needs to comply with strict data privacy regulations. You need to ensure that sensitive data values are rendered unreadable whenever an employee leaves the organization. What should you do?

  • A. Use AEAD functions and delete keys when employees leave the organization.
  • B. Use dynamic data masking and revoke viewer permissions when employees leave the organization.
  • C. Use customer-managed encryption keys (CMEK) and delete keys when employees leave the organization.
  • D. Use column-level access controls with policy tags and revoke viewer permissions when employees leave the organization.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by a_vi at Jan. 28, 2025, 6:55 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
n2183712847
5 months ago
Selected Answer: A
The best option is A. Use AEAD functions and delete keys when employees leave the organization. Option A is best because AEAD encryption makes data values unreadable by design when keys are deleted, directly meeting the requirement. Option B (Dynamic masking) is incorrect because masking only hides data, not making it unreadable at the storage level. Option C (CMEK) is less ideal than AEAD for this specific need, as it's broader encryption and potentially more disruptive. Option D (Column-level access control) is incorrect because it restricts access, but data remains readable for authorized users, not inherently unreadable. Therefore, Option A is the most precise solution for rendering data values unreadable upon employee departure.
upvoted 1 times
...
rich_maverick
5 months, 1 week ago
Selected Answer: D
You don't delete data record keys (row, tags, columns, KMS, etc..) when an employee leaves the company as that will make the data unusable for everyone who remains. That means that A and C are plain wrong. Using policy tags and removing viewer access to data tagged as sensitive is the easiest answer.
upvoted 2 times
...
SaquibHerman
5 months, 2 weeks ago
Selected Answer: A
With AEAD, we can target specific fields and ensure that only sensitive data is affected when an employee leaves, which is more efficient than locking down the entire dataset using CMEK.
upvoted 2 times
...
a_vi
6 months, 1 week ago
Selected Answer: A
AEAD looks the best option here.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel