New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Professional Cloud Database Engineer Exam - Topic 1 Question 62 Discussion

Actual exam question for Google's Professional Cloud Database Engineer exam
Question #: 62
Topic #: 1
[All Professional Cloud Database Engineer Questions]

Your organization has a security policy to ensure that all Cloud SQL for PostgreSQL databases are secure. You want to protect sensitive data by using a key that meets specific locality or residency requirements. Your organization needs to control the key's lifecycle activities. You need to ensure that data is encrypted at rest and in transit. What should you do?

Show Suggested Answer Hide Answer
Suggested Answer: B

https://cloud.google.com/sql/docs/postgres/configure-cmek#createcmekinstance


by Bettyann at Nov 21, 2025, 06:10 PM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Database Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Gilberto
9 hours ago
Definitely need customer-managed keys for compliance.
upvoted 0 times
...
Denise
6 days ago
B is the way to go. You need to ensure you meet those locality and residency requirements.
upvoted 0 times
...
Leila
11 days ago
I agree with B. It's important to have control over the encryption keys for sensitive data.
upvoted 0 times
...
Malissa
16 days ago
Definitely option B. Customer-managed encryption keys give you more control over your data's security.
upvoted 0 times
...
Johnetta
21 days ago
B) Create the database with customer-managed encryption keys.
upvoted 0 times
...
Bev
26 days ago
I'm leaning towards B or D, but I'm not sure which one would be better. I think I need to review the details of each option to make sure I understand the differences.
upvoted 0 times
...
Stefany
1 month ago
I'm pretty confident that B is the right choice here. Customer-managed keys give us the control we need over the encryption, and it covers both data at rest and in transit.
upvoted 0 times
...
Bethanie
1 month ago
Option D sounds like the way to go. With customer-managed encryption keys on the persistent disk, we can ensure the data is encrypted and meet the locality/residency requirements.
upvoted 0 times
...
Lacresha
1 month ago
Hmm, I'm a bit confused. Do we need to encrypt the data in transit as well as at rest? If so, I'm not sure if the Google-managed encryption keys would be sufficient.
upvoted 0 times
...
Pamella
2 months ago
I think I'd go with option B. Customer-managed encryption keys give us more control over the key lifecycle, which is important for meeting our organization's security requirements.
upvoted 0 times
...
Rosendo
2 months ago
I vaguely recall that for sensitive data, customer-managed keys are usually recommended, but I need to double-check the specifics on encryption at rest and in transit.
upvoted 0 times
...
Silvana
2 months ago
I feel like Google-managed keys are easier to implement, but I’m uncertain if they meet the residency requirements we talked about.
upvoted 0 times
...
Kenneth
2 months ago
B is the way to go for customer control!
upvoted 0 times
...
Julian
3 months ago
Wait, can we really trust customer-managed keys?
upvoted 0 times
...
Coletta
3 months ago
Option B is the right choice. Gotta keep that data secure, am I right? *wink wink*
upvoted 0 times
Doug
2 months ago
Agreed! Security is key, literally!
upvoted 0 times
...
Annelle
2 months ago
Definitely! Customer-managed keys give more control.
upvoted 0 times
...
...
Pearline
3 months ago
I think we practiced a similar question where customer-managed keys were emphasized for controlling the key lifecycle. That might be the right choice.
upvoted 0 times
...
Margot
3 months ago
I remember discussing the importance of customer-managed encryption keys for compliance with locality requirements, but I'm not sure if that applies here.
upvoted 0 times
...

Save Cancel