GoogleGoogle
PROFESSIONAL-CLOUD-SECURITY-ENGINEER · Question #63
PROFESSIONAL-CLOUD-SECURITY-ENGINEER Question #63: Real Exam Question with Answer & Explanation
Sign in or unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER to reveal the answer and full explanation for question #63. The question stem and answer options stay visible for context.
Submitted by rachelw· Apr 18, 2026Ensuring data protection
Question
You need to follow Google-recommended practices to leverage envelope encryption and encrypt data at the application layer. What should you do?
Options
- AGenerate a data encryption key (DEK) locally to encrypt the data, and generate a new key
- BGenerate a data encryption key (DEK) locally to encrypt the data, and generate a new key
- CGenerate a new data encryption key (DEK) in Cloud KMS to encrypt the data, and generate a key
- DGenerate a new data encryption key (DEK) in Cloud KMS to encrypt the data, and generate a key
Unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER to see the answer
You've previewed enough free PROFESSIONAL-CLOUD-SECURITY-ENGINEER questions. Unlock PROFESSIONAL-CLOUD-SECURITY-ENGINEER for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.
Topics
#Envelope Encryption#Cloud KMS#Application Layer Encryption#Data Encryption Key