Google Professional Cloud Security Engineer
Get started today
Ultimate access to all questions.
Comments
Loading comments...
Ultimate access to all questions.
You need to ensure that data on Compute Engine disks is encrypted at rest using keys managed by Cloud Key Management Service (KMS). Additionally, Cloud IAM permissions for these keys must be managed collectively, as the same permissions apply to all keys. What should you do?
A
Create a single KeyRing for all persistent disks and all Keys in this KeyRing. Manage the IAM permissions at the Key level.
B
Create a single KeyRing for all persistent disks and all Keys in this KeyRing. Manage the IAM permissions at the KeyRing level.
C
Create a KeyRing per persistent disk, with each KeyRing containing a single Key. Manage the IAM permissions at the Key level.
D
Create a KeyRing per persistent disk, with each KeyRing containing a single Key. Manage the IAM permissions at the KeyRing level.