New Year Sale Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ac4s65

Your organization wants full control of the keys used to encrypt data at rest in...

Google Professional-Cloud-Security-Engineer Full Course Access
Google Professional-Cloud-Security-Engineer View All Questions

Your organization wants full control of the keys used to encrypt data at rest in their Google Cloud environments. Keys must be generated and stored outside of Google and integrate with many Google Services including BigQuery.

What should you do?

A.

Create a Cloud Key Management Service (KMS) key with imported key material Wrap the key for protection during import. Import the key generated on a trusted system in Cloud KMS.

B.

Create a KMS key that is stored on a Google managed FIPS 140-2 level 3 Hardware Security Module (HSM) Manage the Identity and Access Management (IAM) permissions settings, and set up the key rotation period.

C.

Use Cloud External Key Management (EKM) that integrates with an external Hardware Security Module(HSM) system from supported vendors.

D.

Use customer-supplied encryption keys (CSEK) with keys generated on trusted external systems Provide the raw CSEK as part of the API call.

Professional-Cloud-Security-Engineer PDF/Engine
  • Printable Format
  • Value of Money
  • 100% Pass Assurance
  • Verified Answers
  • Researched by Industry Experts
  • Based on Real Exams Scenarios
  • 100% Real Questions
buy now Professional-Cloud-Security-Engineer pdf
Get 65% Discount on All Products, Use Coupon: "ac4s65"
Next
Your organization previously stored files in Cloud Storage by using Google Managed Encryption Keys (GMEK).
You are routing all your internet facing traffic from Google Cloud through your on-premises internet...
Previous