Practice Test 2 | Google Cloud Certified Professional Cloud Security Engineer | Dumps | Mock Test
Your company processes sensitive on-premises. The company plans to use a Compute Engine to process this data. As a part of the security team, you have been asked to ensure that data is encrypted in memory during processing in Compute Engine VMs.
How can you achieve this?
A. Encrypt data in transit using SSL.
B. Encrypt data at rest using customer-managed encryption keys (CMEK).
C. Enable Confidential Computing service during the creation of the VM.
D. Encrypt data at rest using customer-supplied encryption keys (CSEK).
Answer: C
- Option A is incorrect. This does not apply to data in the VM.
- Option B is incorrect. This encrypts data in the disks, not in memory during processing.
- Option C is CORRECT. Confidential Computing is the GCP service that ensures that data remains encrypted during processing.
- Option D is incorrect. This encrypts data in the disks, not in memory during processing.
References:
Comments are closed, but trackbacks and pingbacks are open.