Topic 1 Question 306
You must ensure that the keys used for at-rest encryption of your data are compliant with your organization's security controls. One security control mandates that keys get rotated every 90 days. You must implement an effective detection strategy to validate if keys are rotated as required. What should you do?
Analyze the crypto key versions of the keys by using data from Cloud Asset Inventory. If an active key is older than 90 days, send an alert message through your incident notification channel.
Assess the keys in the Cloud Key Management Service by implementing code in Cloud Run. If a key is not rotated after 90 days, raise a finding in Security Command Center.
Define a metric that checks for timely key updates by using Cloud Logging. If a key is not rotated after 90 days, send an alert message through your incident notification channel.
Identify keys that have not been rotated by using Security Health Analytics. If a key is not rotated after 90 days, a finding in Security Command Center is raised.
ユーザの投票
コメント(7)
D - Security Health Analytics: Security Health Analytics is a specialized tool designed to assess the security posture of your Google Cloud environment. It can effectively identify keys that have not been rotated within the specified timeframe. Finding in Security Command Center: Raising a finding in Security Command Center ensures that the non-compliance issue is clearly documented and can be addressed promptly. Efficiency: Security Health Analytics provides a streamlined and efficient way to monitor key rotation compliance without requiring custom code or manual analysis.
👍 4abdelrahman892024/10/04- 正解だと思う選択肢: D👍 4koo_kai2024/10/12
- 正解だと思う選択肢: D👍 2MoAk2024/11/22
シャッフルモード