You need to implement an encryption at-rest strategy that reduces key management overhead for non-sensitive data while protecting sensitive data, offers control over key residency and rotation schedules, and meets FIPS 140-2 Level 1 compliance for all data. What should you do?

Exam-Like

Encrypt non-sensitive data and sensitive data with Cloud External Key Manager.

Encrypt non-sensitive data and sensitive data with Cloud Key Management Service

Encrypt non-sensitive data with Google default encryption, and encrypt sensitive data with Cloud External Key Manager.

Encrypt non-sensitive data with Google default encryption, and encrypt sensitive data with Cloud Key Management Service.

Google Professional Cloud Security Engineer