Topic 1 Question 63
You work for a financial services company that handles highly sensitive data. Due to regulatory requirements, your company is required to have complete and manual control of data encryption. Which type of keys should you recommend to use for data storage?
Use customer-supplied encryption keys (CSEK).
Use a dedicated third-party key management system (KMS) chosen by the company.
Use Google-managed encryption keys (GMEK).
Use customer-managed encryption keys (CMEK).
ユーザの投票
コメント(3)
- 正解だと思う選択肢: D
CSEK is a dying deployment that is only supported by a few of the storage services. For compete and manual control of data encryption, you need to use CMEK.
👍 1rich_maverick2025/02/27 - 正解だと思う選択肢: A
xfasdfadsfsadf
👍 1n21837128472025/03/05 - 正解だと思う選択肢: A
The best option is A. Use customer-supplied encryption keys (CSEK). Option A is best because CSEK provides complete manual control over keys, meeting strict regulatory needs. Option B (Third-party KMS) is incorrect because CSEK already provides control within Google Cloud. Option C (GMEK) is incorrect because Google manages keys, not the company. Option D (CMEK) is incorrect because keys are managed within Google KMS, not fully manual control. Therefore, Option A, CSEK, offers the most direct and complete manual key control.
👍 1n21837128472025/03/05
シャッフルモード