Share Sensitive Data with External Company: Most Secure Method, Few Steps | Exam Ace Answer

Share Sensitive Data with External Company: Most Secure Method, Few Steps

Prev Question Next Question

Question

You have an object in a Cloud Storage bucket that you want to share with an external company.

The object contains sensitive data.

You want access to the content to be removed after four hours.

The external company does not have a Google account to which you can grant specific user-based access privileges.

You want to use the most secure method that requires the fewest steps.

What should you do?

Answers

A. Create a signed URL with a four-hour expiration and share the URL with the company.

B. Set object access to ˜public` and use object lifecycle management to remove the object after four hours.

C. Configure the storage bucket as a static website and furnish the object`s URL to the company. Delete the object from the storage bucket after four hours.

D. Create a new Cloud Storage bucket specifically for the external company to access. Copy the object to that bucket. Delete the bucket after four hours have passed.

Show Answer

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

The most secure and efficient method to share an object in Cloud Storage with an external company that does not have a Google account, but still want access to the content to be removed after four hours is to create a signed URL with a four-hour expiration and share the URL with the company.

Option A is the correct answer.

Here is an explanation of each option:

A. Create a signed URL with a four-hour expiration and share the URL with the company.

This option involves creating a signed URL that grants temporary access to the object for the external company without requiring a Google account. The URL has a time-based expiration, so access to the object is automatically removed after four hours. This is the most secure method as it does not require giving permanent access to the external company.

B. Set object access to public' and use object lifecycle management to remove the object after four hours.

This option involves setting the object's access to "public," which means that anyone with the URL can access it. However, this method is not secure because anyone who has the URL can access the object, not just the external company. Additionally, relying on object lifecycle management to remove the object after four hours does not guarantee that the object will be deleted on time, as there could be issues with the configuration.

C. Configure the storage bucket as a static website and furnish the object's URL to the company. Delete the object from the storage bucket after four hours.

This option involves configuring the storage bucket as a static website, which is unnecessary for sharing an object. Additionally, deleting the object from the storage bucket after four hours is not guaranteed, as there could be issues with the configuration.

D. Create a new Cloud Storage bucket specifically for the external company to access. Copy the object to that bucket. Delete the bucket after four hours have passed.

This option involves creating a new bucket specifically for the external company to access, which is unnecessary. Additionally, deleting the bucket after four hours is not guaranteed, as there could be issues with the configuration.

Therefore, the best option is to create a signed URL with a four-hour expiration and share the URL with the external company, as it is the most secure method that requires the fewest steps.

Prev Question Next Question