Your security team uses encryption keys to ensure confidentiality of user data. You want to establish a process to reduce the impact of a potentially compromised symmetric encryption key in Cloud Key Management Service (Cloud KMS).
Which steps should your team take before an incident occurs? (Choose two.)
A . Disable and revoke access to compromised keys.
B . Enable automatic key version rotation on a regular schedule.
C . Manually rotate key versions on an ad hoc schedule.
D . Limit the number of messages encrypted with each key version.
E . Disable the Cloud KMS API.
Answer: B,D
Explanation:
As per document "Limiting the number of messages encrypted with the same key version helps prevent attacks enabled by cryptanalysis."
https://cloud.google.com/kms/docs/key-rotation
Latest Professional Cloud Security Engineer Dumps Valid Version with 93 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund