Multiple Choice
You want data on Compute Engine disks to be encrypted at rest with keys managed by Cloud Key Management Service (KMS) . Cloud Identity and Access Management (IAM) permissions to these keys must be managed in a grouped way because the permissions should be the same for all keys. What should you do?
A) Create a single KeyRing for all persistent disks and all Keys in this KeyRing. Manage the IAM permissions at the Key level.
B) Create a single KeyRing for all persistent disks and all Keys in this KeyRing. Manage the IAM permissions at the KeyRing level.
C) Create a KeyRing per persistent disk, with each KeyRing containing a single Key. Manage the IAM permissions at the Key level.
D) Create a KeyRing per persistent disk, with each KeyRing containing a single Key. Manage the IAM permissions at the KeyRing level.
Correct Answer:
Verified
Correct Answer:
Verified
Q38: While migrating your organization's infrastructure to GCP,
Q39: A manager wants to start retaining security
Q40: A customer implements Cloud Identity-Aware Proxy for
Q41: An organization is starting to move its
Q42: You want to evaluate GCP for PCI
Q44: Your team needs to configure their Google
Q45: A business unit at a multinational corporation
Q46: Applications often require access to "secrets" -
Q47: Which international compliance standard provides guidelines for
Q48: You want data on Compute Engine disks