You need to upload files from your on-premises environment to Cloud Storage. You want the files to be encrypted on Cloud Storage using customer-supplied encryption keys. What should you do?
Choose an answer
Tap an option to check your answer.
Correct answer: Supply the encryption key in a .boto configuration file. Use gsutil to upload the files..
Why this is the answer
The correct approach is to supply the encryption key in a .boto configuration file and then use gsutil to upload the files. gsutil can be configured to use customer-supplied encryption keys (CSEK) by defining them in the .boto configuration file, which it automatically references for operations. This allows for consistent application of the key during uploads without needing to specify it for each command. Option 2 is incorrect because gcloud config is used for general gcloud CLI settings, not for configuring gsutil-specific encryption keys. Option 3 is incorrect because gsutil does not have a --encryption-key flag for direct key specification during upload. Option 4 is incorrect because while gsutil can create buckets, the --encryption-key flag is not a valid way to supply CSEK for uploads or bucket creation. Bucket encryption settings are typically defined at the bucket level or through object metadata, not a direct flag during creation that applies to subsequent uploads.
Pass your exam — without the endless answer hunt
Get every verified question and explanation for this exam in one place, and save hours of prep. 1,000+ certifications · 20+ languages · free to start.
Pass your exam faster → No card needed