Google Cloud Professional Cloud Developer — Question 236

Your application stores customers’ content in a Cloud Storage bucket, with each object being encrypted with the customer's encryption key. The key for each object in Cloud Storage is entered into your application by the customer. You discover that your application is receiving an HTTP 4xx error when reading the object from Cloud Storage. What is a possible cause of this error?

Answer options

• A. You attempted the read operation on the object with the customer's base64-encoded key.
• B. You attempted the read operation without the base64-encoded SHA256 hash of the encryption key.
• C. You entered the same encryption algorithm specified by the customer when attempting the read operation.
• D. You attempted the read operation on the object with the base64-encoded SHA256 hash of the customer's key.

Correct answer: B

Explanation

The correct answer is B because the read operation requires the base64-encoded SHA256 hash of the encryption key to properly authenticate and decrypt the object. Option A is incorrect because using the base64-encoded key alone will not suffice without the hash. Options C and D are also incorrect as they do not address the requirement for the SHA256 hash in the read operation.