What are the steps to encrypt data using envelope encryption?

Professional Cloud Security Engineer V3 0 Comments

What are the steps to encrypt data using envelope encryption?
A . Generate a data encryption key (DEK) locally.
Use a key encryption key (KEK) to wrap the DEK. Encrypt data with the KEK.
Store the encrypted data and the wrapped KEK.
B . Generate a key encryption key (KEK) locally.
Use the KEK to generate a data encryption key (DEK). Encrypt data with the DEK.
Store the encrypted data and the wrapped DEK.
C . Generate a data encryption key (DEK) locally.
Encrypt data with the DEK.
Use a key encryption key (KEK) to wrap the DEK. Store the encrypted data and the wrapped DEK.
D . Generate a key encryption key (KEK) locally.
Generate a data encryption key (DEK) locally. Encrypt data with the KEK.
Store the encrypted data and the wrapped DEK.

Answer: C

Explanation:

The process of encrypting data is to generate a DEK locally, encrypt data with the DEK, use a KEK to wrap the DEK, and then store the encrypted data and the wrapped DEK. The KEK never leaves Cloud KMS. https://cloud.google.com/kms/docs/envelope-encryption#how_to_encrypt_data_using_envelope_encryption

Reference: https://cloud.google.com/kms/docs/envelope-encryption

Latest Professional Cloud Security Engineer Dumps Valid Version with 93 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download Professional Cloud Security Engineer PDF     Professional Cloud Security Engineer Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments