- Home
- Google Certified Professional Data Engineer Exam
- Google.Professional-Data-Engineer.v2025-04-23.q181
- Question 57
Valid Professional-Data-Engineer Dumps shared by ExamDiscuss.com for Helping Passing Professional-Data-Engineer Exam! ExamDiscuss.com now offer the newest Professional-Data-Engineer exam dumps, the ExamDiscuss.com Professional-Data-Engineer exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com Professional-Data-Engineer dumps with Test Engine here:
Access Professional-Data-Engineer Dumps Premium Version
(386 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 57/181
One of your encryption keys stored in Cloud Key Management Service (Cloud KMS) was exposed. You need to re-encrypt all of your CMEK-protected Cloud Storage data that used that key. and then delete the compromised key. You also want to reduce the risk of objects getting written without customer-managed encryption key (CMEK protection in the future. What should you do?
Correct Answer: C
To re-encrypt all of your CMEK-protected Cloud Storage data after a key has been exposed, and to ensure future writes are protected with a new key, creating a new Cloud KMS key and a new Cloud Storage bucket is the best approach. Here's why option C is the best choice:
Re-encryption of Data:
By creating a new Cloud Storage bucket and copying all objects from the old bucket to the new bucket while specifying the new Cloud KMS key, you ensure that all data is re-encrypted with the new key.
This process effectively re-encrypts the data, removing any dependency on the compromised key.
Ensuring CMEK Protection:
Creating a new bucket and setting the new CMEK as the default ensures that all future objects written to the bucket are automatically protected with the new key.
This reduces the risk of objects being written without CMEK protection.
Deletion of Compromised Key:
Once the data has been copied and re-encrypted, the old key can be safely deleted from Cloud KMS, eliminating the risk associated with the compromised key.
Steps to Implement:
Create a New Cloud KMS Key:
Create a new encryption key in Cloud KMS to replace the compromised key.
Create a New Cloud Storage Bucket:
Create a new Cloud Storage bucket and set the default CMEK to the new key.
Copy and Re-encrypt Data:
Use the gsutil tool to copy data from the old bucket to the new bucket while specifying the new CMEK key:
gsutil -o "GSUtil:gs_json_api_version=2" cp -r gs://old-bucket/* gs://new-bucket/ Delete the Old Key:
After ensuring all data is copied and re-encrypted, delete the compromised key from Cloud KMS.
Reference:
Cloud KMS Documentation
Cloud Storage Encryption
Re-encrypting Data in Cloud Storage
Re-encryption of Data:
By creating a new Cloud Storage bucket and copying all objects from the old bucket to the new bucket while specifying the new Cloud KMS key, you ensure that all data is re-encrypted with the new key.
This process effectively re-encrypts the data, removing any dependency on the compromised key.
Ensuring CMEK Protection:
Creating a new bucket and setting the new CMEK as the default ensures that all future objects written to the bucket are automatically protected with the new key.
This reduces the risk of objects being written without CMEK protection.
Deletion of Compromised Key:
Once the data has been copied and re-encrypted, the old key can be safely deleted from Cloud KMS, eliminating the risk associated with the compromised key.
Steps to Implement:
Create a New Cloud KMS Key:
Create a new encryption key in Cloud KMS to replace the compromised key.
Create a New Cloud Storage Bucket:
Create a new Cloud Storage bucket and set the default CMEK to the new key.
Copy and Re-encrypt Data:
Use the gsutil tool to copy data from the old bucket to the new bucket while specifying the new CMEK key:
gsutil -o "GSUtil:gs_json_api_version=2" cp -r gs://old-bucket/* gs://new-bucket/ Delete the Old Key:
After ensuring all data is copied and re-encrypted, delete the compromised key from Cloud KMS.
Reference:
Cloud KMS Documentation
Cloud Storage Encryption
Re-encrypting Data in Cloud Storage
- Question List (181q)
- Question 1: You work for a farming company. You have one BigQuery table ...
- Question 2: You have a data pipeline that writes data to Cloud Bigtable ...
- Question 3: You're using Bigtable for a real-time application, and you h...
- Question 4: You are testing a Dataflow pipeline to ingest and transform ...
- Question 5: You work for a shipping company that uses handheld scanners ...
- Question 6: You are designing a data mesh on Google Cloud by using Datap...
- Question 7: You need to choose a database for a new project that has the...
- Question 8: You are administering a BigQuery dataset that uses a custome...
- Question 9: Your infrastructure includes a set of YouTube channels. You ...
- Question 10: Your globally distributed auction application allows users t...
- Question 11: To give a user read permission for only the first three colu...
- Question 12: A TensorFlow machine learning model on Compute Engine virtua...
- Question 13: You have a network of 1000 sensors. The sensors generate tim...
- Question 14: You are running a Dataflow streaming pipeline, with Streamin...
- Question 15: The YARN ResourceManager and the HDFS NameNode interfaces ar...
- Question 16: The Dataflow SDKs have been recently transitioned into which...
- Question 17: You have designed an Apache Beam processing pipeline that re...
- Question 18: You are working on a sensitive project involving private use...
- Question 19: You need to move 2 PB of historical data from an on-premises...
- Question 20: Which of the following is NOT true about Dataflow pipelines?...
- Question 21: You are operating a Cloud Dataflow streaming pipeline. The p...
- Question 22: You are using BigQuery and Data Studio to design a customer-...
- Question 23: Scaling a Cloud Dataproc cluster typically involves ____....
- Question 24: Your infrastructure includes a set of YouTube channels. You ...
- Question 25: You orchestrate ETL pipelines by using Cloud Composer One of...
- Question 26: You have several Spark jobs that run on a Cloud Dataproc clu...
- Question 27: You are creating a data model in BigQuery that will hold ret...
- Question 28: Flowlogistic wants to use Google BigQuery as their primary a...
- Question 29: You are loading CSV files from Cloud Storage to BigQuery. Th...
- Question 30: You are implementing workflow pipeline scheduling using open...
- Question 31: You have terabytes of customer behavioral data streaming fro...
- Question 32: Which of the following are feature engineering techniques? (...
- Question 33: You are implementing security best practices on your data pi...
- Question 34: Which SQL keyword can be used to reduce the number of column...
- Question 35: Your company is migrating its on-premises data warehousing s...
- Question 36: You are troubleshooting your Dataflow pipeline that processe...
- Question 37: Your startup has never implemented a formal security policy....
- Question 38: Your company built a TensorFlow neural-network model with a ...
- Question 39: You are developing an application that uses a recommendation...
- Question 40: You need ads data to serve Al models and historical data tor...
- Question 41: To run a TensorFlow training job on your own computer using ...
- Question 42: You have several different unstructured data sources, within...
- Question 43: You need to set access to BigQuery for different departments...
- Question 44: Your team is working on a binary classification problem. You...
- Question 45: You are integrating one of your internal IT applications and...
- Question 46: Your company uses a proprietary system to send inventory dat...
- Question 47: Which Java SDK class can you use to run your Dataflow progra...
- Question 48: What is the HBase Shell for Cloud Bigtable?...
- Question 49: Business owners at your company have given you a database of...
- Question 50: You work for a large ecommerce company. You store your custo...
- Question 51: You are designing an Apache Beam pipeline to enrich data fro...
- Question 52: Your car factory is pushing machine measurements as messages...
- Question 53: Which Google Cloud Platform service is an alternative to Had...
- Question 54: You have a petabyte of analytics data and need to design a s...
- Question 55: You work for an airline and you need to store weather data i...
- Question 56: You are deploying a batch pipeline in Dataflow. This pipelin...
- Question 57: One of your encryption keys stored in Cloud Key Management S...
- Question 58: You work for a manufacturing company that sources up to 750 ...
- Question 59: You need to migrate a 2TB relational database to Google Clou...
- Question 60: An aerospace company uses a proprietary data format to store...
- Question 61: You work for an advertising company, and you've developed a ...
- Question 62: Your organization is modernizing their IT services and migra...
- Question 63: Your company is using WHILECARD tables to query data across ...
- Question 64: You are selecting services to write and transform JSON messa...
- Question 65: You work on a regression problem in a natural language proce...
- Question 66: You need to choose a database to store time series CPU and m...
- Question 67: Google Cloud Bigtable indexes a single value in each row. Th...
- Question 68: Your analytics team wants to build a simple statistical mode...
- Question 69: You have data located in BigQuery that is used to generate r...
- Question 70: Which of the following statements is NOT true regarding Bigt...
- Question 71: You have thousands of Apache Spark jobs running in your on-p...
- Question 72: The CUSTOM tier for Cloud Machine Learning Engine allows you...
- Question 73: You have spent a few days loading data from comma-separated ...
- Question 74: You decided to use Cloud Datastore to ingest vehicle telemet...
- Question 75: You are running a pipeline in Cloud Dataflow that receives m...
- Question 76: Your United States-based company has created an application ...
- Question 77: You are creating the CI'CD cycle for the code of the directe...
- Question 78: When you design a Google Cloud Bigtable schema it is recomme...
- Question 79: You work for a bank. You have a labelled dataset that contai...
- Question 80: Flowlogistic's management has determined that the current Ap...
- Question 81: You are on the data governance team and are implementing sec...
- Question 82: You are managing a Cloud Dataproc cluster. You need to make ...
- Question 83: You work for a mid-sized enterprise that needs to move its o...
- Question 84: You create a new report for your large team in Google Data S...
- Question 85: Which of the following are examples of hyperparameters? (Sel...
- Question 86: You migrated your on-premises Apache Hadoop Distributed File...
- Question 87: Which is the preferred method to use to avoid hotspotting in...
- Question 88: You are a retailer that wants to integrate your online sales...
- Question 89: You have developed three data processing jobs. One executes ...
- Question 90: You need to compose visualization for operations teams with ...
- Question 91: An online brokerage company requires a high volume trade pro...
- Question 92: You are building a report-only data warehouse where the data...
- Question 93: You want to migrate an on-premises Hadoop system to Cloud Da...
- Question 94: The marketing team at your organization provides regular upd...
- Question 95: Your organization has been collecting and analyzing data in ...
- Question 96: For the best possible performance, what is the recommended z...
- Question 97: When using Cloud Dataproc clusters, you can access the YARN ...
- Question 98: Your company's customer_order table in BigOuery stores the o...
- Question 99: You are using Workflows to call an API that returns a 1 KB J...
- Question 100: You are implementing several batch jobs that must be execute...
- Question 101: Which of the following statements about the Wide & Deep ...
- Question 102: You maintain ETL pipelines. You notice that a streaming pipe...
- Question 103: You have a data pipeline with a Dataflow job that aggregates...
- Question 104: You are running your BigQuery project in the on-demand billi...
- Question 105: Cloud Bigtable is Google's ______ Big Data database service....
- Question 106: You are operating a streaming Cloud Dataflow pipeline. Your ...
- Question 107: You want to process payment transactions in a point-of-sale ...
- Question 108: Which row keys are likely to cause a disproportionate number...
- Question 109: You want to use Google Stackdriver Logging to monitor Google...
- Question 110: You need to copy millions of sensitive patient records from ...
- Question 111: Flowlogistic is rolling out their real-time inventory tracki...
- Question 112: You operate an IoT pipeline built around Apache Kafka that n...
- Question 113: An organization maintains a Google BigQuery dataset that con...
- Question 114: Government regulations in the banking industry mandate the p...
- Question 115: You are using Cloud Bigtable to persist and serve stock mark...
- Question 116: You want to optimize your queries for cost and performance. ...
- Question 117: Which role must be assigned to a service account used by the...
- Question 118: You want to rebuild your batch pipeline for structured data ...
- Question 119: A web server sends click events to a Pub/Sub topic as messag...
- Question 120: You are migrating your data warehouse to Google Cloud and de...
- Question 121: Which of these statements about BigQuery caching is true?...
- Question 122: Your company's data platform ingests CSV file dumps of booki...
- Question 123: Which action can a Cloud Dataproc Viewer perform?...
- Question 124: You are building a new data pipeline to share data between t...
- Question 125: You have Cloud Functions written in Node.js that pull messag...
- Question 126: You are migrating a large number of files from a public HTTP...
- Question 127: You are designing a data processing pipeline. The pipeline m...
- Question 128: You have one BigQuery dataset which includes customers' stre...
- Question 129: Which of these rules apply when you add preemptible workers ...
- Question 130: You work for a large financial institution that is planning ...
- Question 131: Which of the following is not true about Dataflow pipelines?...
- Question 132: You have data pipelines running on BigQuery, Cloud Dataflow,...
- Question 133: You have enabled the free integration between Firebase Analy...
- Question 134: Your company maintains a hybrid deployment with GCP, where a...
- Question 135: A shipping company has live package-tracking data that is se...
- Question 136: If you want to create a machine learning model that predicts...
- Question 137: You are configuring networking for a Dataflow job. The data ...
- Question 138: All Google Cloud Bigtable client requests go through a front...
- Question 139: You have a requirement to insert minute-resolution data from...
- Question 140: You're training a model to predict housing prices based on a...
- Question 141: An external customer provides you with a daily dump of data ...
- Question 142: You have important legal hold documents in a Cloud Storage b...
- Question 143: Your company receives both batch- and stream-based event dat...
- Question 144: Suppose you have a dataset of images that are each labeled a...
- Question 145: You work for a global shipping company. You want to train a ...
- Question 146: You currently have a single on-premises Kafka cluster in a d...
- Question 147: You have a Standard Tier Memorystore for Redis instance depl...
- Question 148: You are migrating your on-premises data warehouse to BigQuer...
- Question 149: Your company's on-premises Apache Hadoop servers are approac...
- Question 150: How would you query specific partitions in a BigQuery table?...
- Question 151: What are two of the benefits of using denormalized data stru...
- Question 152: You set up a streaming data insert into a Redis cluster via ...
- Question 153: Your team is responsible for developing and maintaining ETLs...
- Question 154: You have a streaming pipeline that ingests data from Pub/Sub...
- Question 155: You have a query that filters a BigQuery table using a WHERE...
- Question 156: You are developing a software application using Google's Dat...
- Question 157: You have a BigQuery table that ingests data directly from a ...
- Question 158: Which of the following is not possible using primitive roles...
- Question 159: You are developing an application on Google Cloud that will ...
- Question 160: You are designing storage for 20 TB of text files as part of...
- Question 161: Given the record streams MJTelco is interested in ingesting ...
- Question 162: Dataproc clusters contain many configuration files. To updat...
- Question 163: You store historic data in Cloud Storage. You need to perfor...
- Question 164: You are running a streaming pipeline with Dataflow and are u...
- Question 165: You issue a new batch job to Dataflow. The job starts succes...
- Question 166: You are designing storage for very large text files for a da...
- Question 167: You are choosing a NoSQL database to handle telemetry data s...
- Question 168: Which methods can be used to reduce the number of rows proce...
- Question 169: Which of these is not a supported method of putting data int...
- Question 170: Which Cloud Dataflow / Beam feature should you use to aggreg...
- Question 171: You have a data processing application that runs on Google K...
- Question 172: What are the minimum permissions needed for a service accoun...
- Question 173: You work for a large real estate firm and are preparing 6 TB...
- Question 174: You have created an external table for Apache Hive partition...
- Question 175: You are designing a Dataflow pipeline for a batch processing...
- Question 176: What are all of the BigQuery operations that Google charges ...
- Question 177: You are planning to use Google's Dataflow SDK to analyze cus...
- Question 178: You create an important report for your large team in Google...
- Question 179: Which of these operations can you perform from the BigQuery ...
- Question 180: You operate a database that stores stock trades and an appli...
- Question 181: Why do you need to split a machine learning dataset into tra...
[×]
Download PDF File
Enter your email address to download Google.Professional-Data-Engineer.v2025-04-23.q181.pdf