ExamTopics Logo
Mail Us[email protected]
Menu
Google Discussions
exam questions

Exam Professional Cloud Security Engineer All Questions

View all questions & answers for the Professional Cloud Security Engineer exam
Go to Exam

Exam Professional Cloud Security Engineer topic 1 question 160 discussion

Actual exam question from Google's Professional Cloud Security Engineer
Question #: 160
Topic #: 1
[All Professional Cloud Security Engineer Questions]

You are working with a client that is concerned about control of their encryption keys for sensitive data. The client does not want to store encryption keys at rest in the same cloud service provider (CSP) as the data that the keys are encrypting. Which Google Cloud encryption solutions should you recommend to this client?
(Choose two.)

  • A. Customer-supplied encryption keys.
  • B. Google default encryption
  • C. Secret Manager
  • D. Cloud External Key Manager
  • E. Customer-managed encryption keys
Show Suggested Answer Hide Answer
Suggested Answer: AD 🗳️
by DST at Sept. 28, 2022, 5:22 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
AwesomeGCP
Highly Voted 1 year, 6 months ago
Selected Answer: AD
A. Customer-supplied encryption keys. D. Cloud External Key Manager
upvoted 6 times
...
DST
Highly Voted 1 year, 7 months ago
Selected Answer: AD
CSEK & EKM both store keys outside of GCP
upvoted 6 times
...
gcpengineer
Most Recent 11 months, 2 weeks ago
what about CMEK?
upvoted 2 times
[Removed]
9 months, 1 week ago
in CMEK, even though the keys are managed by customer, they're still using the cloud service Cloud KMS. So it's still in the same Cloud Provider as where the data is which not desired per the question. Reference: https://cloud.google.com/kms/docs/cmek#cmek
upvoted 3 times
...
...
TNT87
1 year ago
Selected Answer: AD
Answer A and D
upvoted 1 times
...
AzureDP900
1 year, 5 months ago
A,D is perfect
upvoted 3 times
...
soltium
1 year, 6 months ago
I'm leaning towards D because CSEK is so limited.
upvoted 1 times
soltium
1 year, 6 months ago
whoops didn't read I need to select two, so AD it is.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago