Topic 1 Question 273
You are working with developers to secure custom training jobs running on Vertex AI. For compliance reasons, all supported data types must be encrypted by key materials that reside in the Europe region and are controlled by your organization. The encryption activity must not impact the training operation in Vertex AI. What should you do?
Encrypt the code, training data, and metadata with Google default encryption. Use customer-managed encryption keys (CMEK) for the trained models exported to Cloud Storage buckets.
Encrypt the code, training data, metadata, and exported trained models with customer-managed encryption keys (CMEK).
Encrypt the code, training data, and exported trained models with customer-managed encryption keys (CMEK).
Encrypt the code, training data, and metadata with Google default encryption. Implement an organization policy that enforces a constraint to restrict the Cloud KMS location to the Europe region.
ユーザの投票
コメント(8)
Answer is C
The CMEK key doesn't encrypt metadata, like the instance's name and region, associated with your Vertex AI Workbench instance. Metadata associated with Vertex AI Workbench instances is always encrypted using Google's default encryption mechanism.
👍 2dat9872024/10/12- 正解だと思う選択肢: D
Option D enforces that all supported data types must be encrypted by key materials that reside in the Europe region.
👍 2BondleB2024/11/05 - 正解だと思う選択肢: B
B is correct. D looks good but uses Google Managed Encryption Keys which violates the requirement of control the encryption resources outlined in the question.
👍 23fd692e2024/11/10
シャッフルモード