Google Exam Professional-Cloud-Security-Engineer Topic 2 Question 14 Discussion

Actual exam question for Google's Professional Cloud Security Engineer exam

Question #: 14
Topic #: 2

[All Professional Cloud Security Engineer Questions]

In an effort for your company messaging app to comply with FIPS 140-2, a decision was made to use GCP compute and network services. The messaging app architecture includes a Managed Instance Group (MIG) that controls a cluster of Compute Engine instances. The instances use Local SSDs for data caching and UDP for instance-to-instance communications. The app development team is willing to make any changes necessary to comply with the standard

Which options should you recommend to meet the requirements?

AEncrypt all cache storage and VM-to-VM communication using the BoringCrypto module.

BSet Disk Encryption on the Instance Template used by the MIG to customer-managed key and use BoringSSL for all data transit between instances.

CChange the app instance-to-instance communications from UDP to TCP and enable BoringSSL on clients' TLS connections.

DSet Disk Encryption on the Instance Template used by the MIG to Google-managed Key and use BoringSSL library on all instance-to-instance communications.

Show Suggested Answer

Suggested Answer: D

by Markus at May 07, 2022, 06:02 PM

Limited Time Offer

25%

Off

Get Premium Professional-Cloud-Security-Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!