PROFESSIONAL-CLOUD-SECURITY-ENGINEER Question #171: Real Exam Question with Answer & Explanation

Sign in or unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER to reveal the answer and full explanation for question #171. The question stem and answer options stay visible for context.

Submitted by alyssa_d· Apr 18, 2026Ensuring data protection

Question

Your privacy team uses crypto-shredding (deleting encryption keys) as a strategy to delete personally identifiable information (PII). You need to implement this practice on Google Cloud while still utilizing the majority of the platform's services and minimizing operational overhead. What should you do?

Options

AUse client-side encryption before sending data to Google Cloud, and delete encryption keys on-
BUse Cloud External Key Manager to delete specific encryption keys.
CUse customer-managed encryption keys to delete specific encryption keys.
DUse Google default encryption to delete specific encryption keys.

Unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER to see the answer

You've previewed enough free PROFESSIONAL-CLOUD-SECURITY-ENGINEER questions. Unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER - $49.99 / 30 days Sign in

Topics

#Crypto-shredding#Customer-Managed Encryption Keys (CMEK)#Data Protection#Key Management Service (KMS)

Full PROFESSIONAL-CLOUD-SECURITY-ENGINEER Practice Browse All PROFESSIONAL-CLOUD-SECURITY-ENGINEER Questions