Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Professional Cloud Security Engineer Exam - Topic 3 Question 56 Discussion

You are working with a client who plans to migrate their data to Google Cloud. You are responsible for recommending an encryption service to manage their encrypted keys. You have the following requirements:The master key must be rotated at least once every 45days.The solution that stores the master key must be FIPS 140-2 Level 3 validated.The master key must be stored in multiple regions within the US for redundancy.Which solution meets these requirements?
D) Google-managed encryption keys
A) Customer-managed encryption keys with Cloud Key Management Service
B) Customer-managed encryption keys with Cloud HSM
C) Customer-supplied encryption keys

Google Professional Cloud Security Engineer Exam - Topic 3 Question 56 Discussion

Actual exam question for Google's Professional Cloud Security Engineer exam
Question #: 56
Topic #: 3
[All Professional Cloud Security Engineer Questions]

You are working with a client who plans to migrate their data to Google Cloud. You are responsible for recommending an encryption service to manage their encrypted keys. You have the following requirements:

The master key must be rotated at least once every 45days.

The solution that stores the master key must be FIPS 140-2 Level 3 validated.

The master key must be stored in multiple regions within the US for redundancy.

Which solution meets these requirements?

Show Suggested Answer Hide Answer
Suggested Answer: D

by Gayla at Nov 16, 2022, 06:23 AM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Security Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Marylin
7 months ago
Wait, can Google-managed keys really meet all those needs? Sounds too easy!
upvoted 0 times
...
Harris
7 months ago
I agree, B is solid for key management!
upvoted 0 times
...
Elza
7 months ago
Definitely not C, that one doesn't meet the requirements.
upvoted 0 times
...
Dalene
8 months ago
I think A could work too, but not sure about the validation.
upvoted 0 times
...
Torie
8 months ago
Option B is the best choice for FIPS compliance.
upvoted 0 times
...
Micheline
8 months ago
I’m leaning towards Cloud HSM too, but I’m a bit confused about how it handles multi-region storage. Did we cover that in our study sessions?
upvoted 0 times
...
Malcom
8 months ago
I feel like Google-managed keys are easier to use, but they probably don't allow for the level of control we need for key rotation.
upvoted 0 times
...
Daniela
8 months ago
I remember practicing a similar question, and I think customer-managed keys are flexible, but I can't recall if they meet all the requirements.
upvoted 0 times
...
Floyd
8 months ago
I think the Cloud HSM might be the right choice since it supports FIPS 140-2 Level 3, but I'm not sure about the key rotation requirement.
upvoted 0 times
...
Matthew
8 months ago
Hmm, I'm a bit confused on this one. I know XSLT uses XPath, but I'm not sure if that's the only specification that requires it. Let me think this through.
upvoted 0 times
...
Arlette
8 months ago
Hmm, this is a tricky one. I'll need to think through the different scenarios where route leaking is used and the potential drawbacks.
upvoted 0 times
...
Keith
8 months ago
I've seen questions like this before, and I'm quite confident that ogives are used for cumulative frequency distributions.
upvoted 0 times
...
Meaghan
8 months ago
Okay, this seems straightforward. Select the picture, go to Layout Options, and choose the Square layout. Easy peasy!
upvoted 0 times
...
Mahesh
3 years ago
this question indicates that management of keys should be with Customer hence the correct answer should be "Customer Managed Keys with KMS"
upvoted 1 times
...

Save Cancel