Google Professional Cloud Security Engineer
Get started today
Ultimate access to all questions.
Your organization runs a mission-critical workload in a highly regulated industry. Sensitive data is uploaded from endpoint computers to Cloud Storage and then processed by Compute Engine VMs. A compliance review has found that the current setup does not meet data protection requirements. You must implement a solution that fulfills the following:
- Manage the Data Encryption Key (DEK) outside of Google Cloud.
- Retain full control of encryption keys using a third-party provider.
- Encrypt the sensitive data before it is uploaded to Cloud Storage.
- Decrypt the data during processing within the Compute Engine VMs.
- Encrypt the data in memory while it is in use on the Compute Engine VMs.
What two actions should you take?*
Your organization runs a mission-critical workload in a highly regulated industry. Sensitive data is uploaded from endpoint computers to Cloud Storage and then processed by Compute Engine VMs. A compliance review has found that the current setup does not meet data protection requirements. You must implement a solution that fulfills the following:
- Manage the Data Encryption Key (DEK) outside of Google Cloud.
- Retain full control of encryption keys using a third-party provider.
- Encrypt the sensitive data before it is uploaded to Cloud Storage.
- Decrypt the data during processing within the Compute Engine VMs.
- Encrypt the data in memory while it is in use on the Compute Engine VMs.
What two actions should you take?*
Exam-Like
Comments
Loading comments...