Answer-first summary for fast verification
Answer: Assign predefined IAM roles to the Google Groups created and utilize Google’s default encryption at rest when storing files.
The correct answer is C. Google's best practices recommend using predefined IAM roles to manage access controls for simplicity and security. Additionally, leveraging Google’s default encryption at rest provides a straightforward and secure method for data encryption without needing to manage encryption keys manually. While custom roles and customer-supplied encryption keys offer more control, they also add complexity and are not necessary for most use cases when predefined solutions are available.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
You are tasked with setting up secure storage for sensitive files in Google Cloud Storage for your organization. According to Google's best practices and simplest design principles, what is the best approach to enforce security requirements and utilize encryption for the stored files?
A
Use Customer-Supplied Encryption Keys (CSEK) and specify a .boto file during upload with gsutil.
B
Utilize Google’s default encryption at rest.
C
Assign predefined IAM roles to the Google Groups created and utilize Google’s default encryption at rest when storing files.
D
Create and assign custom IAM roles to users for better security management.
No comments yet.