PROFESSIONAL-CLOUD-SECURITY-ENGINEER · Question #257
PROFESSIONAL-CLOUD-SECURITY-ENGINEER Question #257: Real Exam Question with Answer & Explanation
Sign in or unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER to reveal the answer and full explanation for question #257. The question stem and answer options stay visible for context.
Question
Your organization wants full control of the keys used to encrypt data at rest in their Google Cloud environments. Keys must be generated and stored outside of Google and integrate with many Google Services including BigQuery. What should you do?
Options
- AUse customer-supplied encryption keys (CSEK) with keys generated on trusted external systems.
- BCreate a KMS key that is stored on a Google managed FIPS 140-2 level 3 Hardware Security
- CUse Cloud External Key Management (EKM) that integrates with an external Hardware Security
- DCreate a Cloud Key Management Service (KMS) key with imported key material. Wrap the key for
Unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER to see the answer
You've previewed enough free PROFESSIONAL-CLOUD-SECURITY-ENGINEER questions. Unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.