Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Professional Cloud Database Engineer Exam - Topic 1 Question 62 Discussion

Actual exam question for Google's Professional Cloud Database Engineer exam
Question #: 62
Topic #: 1
[All Professional Cloud Database Engineer Questions]

Your organization has a security policy to ensure that all Cloud SQL for PostgreSQL databases are secure. You want to protect sensitive data by using a key that meets specific locality or residency requirements. Your organization needs to control the key's lifecycle activities. You need to ensure that data is encrypted at rest and in transit. What should you do?

Show Suggested Answer Hide Answer
Suggested Answer: B

https://cloud.google.com/sql/docs/postgres/configure-cmek#createcmekinstance


by Bettyann at Nov 21, 2025, 06:10 PM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Database Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Verdell
2 days ago
D could work too, but it's for persistent disks only.
upvoted 0 times
...
Gwen
7 days ago
But A lacks control over the key lifecycle.
upvoted 0 times
...
Marylou
12 days ago
A seems easier though.
upvoted 0 times
...
Lamar
17 days ago
Customer-managed keys give more control.
upvoted 0 times
...
Diego
22 days ago
Why B?
upvoted 0 times
...
Lamar
27 days ago
I think B is the best choice.
upvoted 0 times
...
Timothy
1 month ago
Agree, B gives the best control over encryption!
upvoted 0 times
...
Mindy
1 month ago
I thought Google-managed keys were enough for security?
upvoted 0 times
...
Gilberto
2 months ago
Definitely need customer-managed keys for compliance.
upvoted 0 times
...
Denise
2 months ago
B is the way to go. You need to ensure you meet those locality and residency requirements.
upvoted 0 times
...
Leila
2 months ago
I agree with B. It's important to have control over the encryption keys for sensitive data.
upvoted 0 times
...
Malissa
2 months ago
Definitely option B. Customer-managed encryption keys give you more control over your data's security.
upvoted 0 times
...
Johnetta
3 months ago
B) Create the database with customer-managed encryption keys.
upvoted 0 times
...
Bev
3 months ago
I'm leaning towards B or D, but I'm not sure which one would be better. I think I need to review the details of each option to make sure I understand the differences.
upvoted 0 times
...
Stefany
3 months ago
I'm pretty confident that B is the right choice here. Customer-managed keys give us the control we need over the encryption, and it covers both data at rest and in transit.
upvoted 0 times
...
Bethanie
3 months ago
Option D sounds like the way to go. With customer-managed encryption keys on the persistent disk, we can ensure the data is encrypted and meet the locality/residency requirements.
upvoted 0 times
...
Lacresha
3 months ago
Hmm, I'm a bit confused. Do we need to encrypt the data in transit as well as at rest? If so, I'm not sure if the Google-managed encryption keys would be sufficient.
upvoted 0 times
...
Pamella
3 months ago
I think I'd go with option B. Customer-managed encryption keys give us more control over the key lifecycle, which is important for meeting our organization's security requirements.
upvoted 0 times
...
Rosendo
4 months ago
I vaguely recall that for sensitive data, customer-managed keys are usually recommended, but I need to double-check the specifics on encryption at rest and in transit.
upvoted 0 times
...
Silvana
4 months ago
I feel like Google-managed keys are easier to implement, but I’m uncertain if they meet the residency requirements we talked about.
upvoted 0 times
...
Kenneth
4 months ago
B is the way to go for customer control!
upvoted 0 times
...
Julian
5 months ago
Wait, can we really trust customer-managed keys?
upvoted 0 times
...
Coletta
5 months ago
Option B is the right choice. Gotta keep that data secure, am I right? *wink wink*
upvoted 0 times
Doug
4 months ago
Agreed! Security is key, literally!
upvoted 0 times
...
Annelle
4 months ago
Definitely! Customer-managed keys give more control.
upvoted 0 times
...
...
Pearline
5 months ago
I think we practiced a similar question where customer-managed keys were emphasized for controlling the key lifecycle. That might be the right choice.
upvoted 0 times
...
Margot
5 months ago
I remember discussing the importance of customer-managed encryption keys for compliance with locality requirements, but I'm not sure if that applies here.
upvoted 0 times
...

Save Cancel