Topic 1 Question 136
2 つ選択Your security team uses encryption keys to ensure confidentiality of user data. You want to establish a process to reduce the impact of a potentially compromised symmetric encryption key in Cloud Key Management Service (Cloud KMS). Which steps should your team take before an incident occurs?
Disable and revoke access to compromised keys.
Enable automatic key version rotation on a regular schedule.
Manually rotate key versions on an ad hoc schedule.
Limit the number of messages encrypted with each key version.
Disable the Cloud KMS API.
ユーザの投票
コメント(8)
- 正解だと思う選択肢: BD
BD is the answer. The steps need to be done BEFORE an incident occurs.
👍 8zellck2022/09/26 - 正解だと思う選択肢: BD
Should be BD. A is wrong because there is no comprise happened as the question states "before an incident".
As per document "Limiting the number of messages encrypted with the same key version helps prevent attacks enabled by cryptanalysis." https://cloud.google.com/kms/docs/key-rotation
👍 7parasthakur2022/09/18 - 正解だと思う選択肢: BD
B. Enable automatic key version rotation on a regular schedule. D. Limit the number of messages encrypted with each key version.
👍 3AwesomeGCP2022/10/08
シャッフルモード