You are working with a client who plans to migrate their data to Google Cloud. You are responsible for recommending an encryption service to manage their encrypted keys.
You have the following requirements:
✑ The master key must be rotated at least once every 45 days.
✑ The solution that stores the master key must be FIPS 140-2 Level 3 validated.
✑ The master key must be stored in multiple regions within the US for redundancy.
Which solution meets these requirements?
A . Customer-managed encryption keys with Cloud Key Management Service
B . Customer-managed encryption keys with Cloud HSM
C . Customer-supplied encryption keys
D . Google-managed encryption keys
Answer: B
Explanation:
https://cloud.google.com/docs/security/key-management-deep-dive
https://cloud.google.com/kms/docs/faq
Latest Professional Cloud Security Engineer Dumps Valid Version with 93 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund