PROFESSIONAL-CLOUD-SECURITY-ENGINEER · Question #111
PROFESSIONAL-CLOUD-SECURITY-ENGINEER Question #111: Real Exam Question with Answer & Explanation
Sign in or unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER to reveal the answer and full explanation for question #111. The question stem and answer options stay visible for context.
Question
In an effort for your company messaging app to comply with FIPS 140-2, a decision was made to use GCP compute and network services. The messaging app architecture includes a Managed Instance Group (MIG) that controls a cluster of Compute Engine instances. The instances use Local SSDs for data caching and UDP for instance-to-instance communications. The app development team is willing to make any changes necessary to comply with the standard Which options should you recommend to meet the requirements?
Options
- AEncrypt all cache storage and VM-to-VM communication using the BoringCrypto module.
- BSet Disk Encryption on the Instance Template used by the MIG to customer-managed key and
- CChange the app instance-to-instance communications from UDP to TCP and enable BoringSSL
- DSet Disk Encryption on the Instance Template used by the MIG to Google-managed Key and use
Unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER to see the answer
You've previewed enough free PROFESSIONAL-CLOUD-SECURITY-ENGINEER questions. Unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.