What should you do?

Professional Cloud Security Engineer V3 0 Comments

Your company is using Cloud Dataproc for its Spark and Hadoop jobs. You want to be able to create, rotate, and destroy symmetric encryption keys used for the persistent disks used by Cloud Dataproc. Keys can be stored in the cloud.

What should you do?
A . Use the Cloud Key Management Service to manage the data encryption key (DEK).
B . Use the Cloud Key Management Service to manage the key encryption key (KEK).
C . Use customer-supplied encryption keys to manage the data encryption key (DEK).
D . Use customer-supplied encryption keys to manage the key encryption key (KEK).

Answer: B

Explanation:

This PD and bucket data is encrypted using a Google-generated data encryption key (DEK) and key encryption key (KEK). The CMEK feature allows you to create, use, and revoke the key encryption key (KEK). Google still controls the data encryption key (DEK). For more information on Google data encryption keys, see Encryption at Rest.

https://cloud.google.com/dataproc/docs/concepts/configuring-clusters/customer-managed-

encryption

https://codelabs.developers.google.com/codelabs/encrypt-and-decrypt-data-with-cloud-kms#0

Latest Professional Cloud Security Engineer Dumps Valid Version with 93 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download Professional Cloud Security Engineer PDF     Professional Cloud Security Engineer Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments