Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
You need to upload files from your on-premises environment to Cloud Storage. You want the files to be encrypted on Cloud Storage using customer-supplied encryption keys. What should you do?
A.
Supply the encryption key in a .boto configuration file. Use gsutil to upload the files.
B.
Supply the encryption key using gcloud config. Use gsutil to upload the files to that bucket.
C.
Use gsutil to upload the files, and use the flag --encryption-key to supply the encryption key.
D.
Use gsutil to create a bucket, and use the flag --encryption-key to supply the encryption key. Use gsutil to upload the files to that bucket.
In GCP document, key could be configured in .boto.
I didn't find information show gsutil suppots flag "--encryption-key".
https://cloud.google.com/storage/docs/encryption/customer-supplied-keys
.boto file with encryption key, but it will works for individual users, every user should update their own .boto with same key. Also while retrieving you should use the same key to decryption.
A is correct.
C is a trick. The --encryption-key flag only works with gcloud command, not with gsutil
https://cloud.google.com/storage/docs/encryption/using-customer-supplied-keys#gcloud
Take into account that by the time this exam was designed, gcloud storage was most likely still not available or just in beta.
The "--encryption-key" flag is meant to be used with gcloud, not with gsutil; having said this, if in the actual exam the option says gcloud storage, go for C. If it says gsutil, go for A, as gsutil does not have any "--encryption-key" flag and this question was probably intended to be tricky when it was crafted.
Btw, the official documentation states that gcloud storage should be used with that flag, and for gsutil we should add the encryption key to the .boto file - https://cloud.google.com/storage/docs/encryption/using-customer-supplied-keys#gsutil. Again, the questions are probably old and gcloud storage is relatively new.
https://cloud.google.com/storage/docs/encryption/using-customer-supplied-keys#command-line ; clearly states for gsutil you need a boto config, that makes C invalid
Hey man! The answer is A.
"--encryption-key" is the flag for "gcloud storage cp" command only, not for gsutil.
https://cloud.google.com/storage/docs/encryption/using-customer-supplied-keys#gsutil
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
KouShikyou
Highly Voted 4 years, 6 months agotartar
3 years, 9 months agonitinz
3 years, 2 months agokumarp6
3 years, 6 months agoEroc
Highly Voted 4 years, 6 months ago0verK0alafied
Most Recent 1 week, 5 days agonetizens
2 months, 3 weeks agokip21
3 months, 3 weeks agopkmdb66
5 months agoGungarg
5 months, 2 weeks agoPime13
3 months agoelequiel
5 months, 2 weeks agoMosstheboss
5 months, 1 week agospatters
6 months agojrisl1991
6 months, 2 weeks agosam_test_89
6 months, 3 weeks agoAdityaGupta
7 months agoRKS_2021
7 months, 1 week agoMurtuza
7 months, 1 week agoRKS_2021
7 months, 1 week agoductrinh
7 months, 1 week agosheucm89
7 months, 2 weeks ago