To achieve FIPS 140-2 compliance for a messaging app on GCP that uses a Managed Instance Group, Local SSDs for caching, and UDP for instance-to-instance communication, what specific changes should be recommended?

Exam-Like

Encrypt all cache storage and VM-to-VM communication using the BoringCrypto module.

Set Disk Encryption on the Instance Template used by the MIG to customer-managed key and use BoringSSL for all data transit between instances.

Change the app instance-to-instance communications from UDP to TCP and enable BoringSSL on clients' TLS connections.

Set Disk Encryption on the Instance Template used by the MIG to Google-managed Key and use BoringSSL library on all instance-to-instance communications.

Google Professional Cloud Security Engineer

Get started today

Comments

To achieve FIPS 140-2 compliance for a messaging app on GCP that uses a Managed Instance Group, Local SSDs for caching, and UDP for instance-to-instance communication, what specific changes should be recommended?