Answer-first summary for fast verification
Answer: Create encryption keys in Cloud Key Management Service. Use those keys to encrypt your data in all of the Compute Engine cluster instances.
The correct answer is B. By creating encryption keys in Cloud Key Management Service (KMS), you can easily manage the lifecycle of these keys, including creation, rotation, and destruction. This method reduces the risk associated with transferring keys and leverages the security and compliance features of Cloud KMS, ensuring that your data is encrypted at rest in your Compute Engine cluster instances.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
You have configured a system where streaming data is inserted into a Redis cluster through a Kafka cluster. Both Redis and Kafka clusters are hosted on Compute Engine instances. Your objective is to ensure that the data at rest is encrypted. Furthermore, you require the capability to create, rotate, and destroy encryption keys as necessary. What steps should you take to achieve this?
A
Create a dedicated service account, and use encryption at rest to reference your data stored in your Compute Engine cluster instances as part of your API service calls.
B
Create encryption keys in Cloud Key Management Service. Use those keys to encrypt your data in all of the Compute Engine cluster instances.
C
Create encryption keys locally. Upload your encryption keys to Cloud Key Management Service. Use those keys to encrypt your data in all of the Compute Engine cluster instances.
D
Create encryption keys in Cloud Key Management Service. Reference those keys in your API service calls when accessing the data in your Compute Engine cluster instances.
No comments yet.