Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Google Exam Professional Cloud Security Engineer Topic 3 Question 71 Discussion

Actual exam question for Google's Professional Cloud Security Engineer exam
Question #: 71
Topic #: 3
[All Professional Cloud Security Engineer Questions]

You are setting up a new Cloud Storage bucket in your environment that is encrypted with a customer managed encryption key (CMEK). The CMEK is stored in Cloud Key Management Service (KMS). in project "pr j -a", and the Cloud Storage bucket will use project "prj-b". The key is backed by a Cloud Hardware Security Module (HSM) and resides in the region europe-west3. Your storage bucket will be located in the region europe-west1. When you create the bucket, you cannot access the key. and you need to troubleshoot why.

What has caused the access issue?

Show Suggested Answer Hide Answer
Suggested Answer: D

When you use a customer-managed encryption key (CMEK) to secure a Cloud Storage bucket, the key and the bucket must be located in the same region. In this case, the key is in europe-west3 and the bucket is in europe-west1, which is why you're unable to access the key.


Contribute your Thoughts:

Kirk
8 months ago
Yeah, I'm leaning towards option C as the correct answer. It makes sense that if the CMEK is in a different project, the Cloud Storage bucket wouldn't be able to access it.
upvoted 0 times
Carin
7 months ago
Yeah, it does seem like the most straightforward explanation.
upvoted 0 times
...
Kirby
8 months ago
Could be, but I still think the project mismatch is the main reason.
upvoted 0 times
...
Elouise
8 months ago
A) A firewall rule prevents the key from being accessible.
upvoted 0 times
...
Nakita
8 months ago
It's possible, but I think the project being different is the main issue.
upvoted 0 times
...
Antonio
8 months ago
Do you think it could also be because the key is in a different region?
upvoted 0 times
...
Cory
8 months ago
That's a good point, it does seem like the most likely cause.
upvoted 0 times
...
Casie
8 months ago
C) The CMEK is in a different project than the Cloud Storage bucket
upvoted 0 times
...
...
Antonio
8 months ago
I agree, the different project and region for the CMEK and the Cloud Storage bucket seems like the most likely cause of the access issue. But let's not rule out the other options just yet.
upvoted 0 times
...
Deangelo
8 months ago
Okay, let's think this through step-by-step. We have a Cloud Storage bucket that's encrypted with a CMEK, and the key is in a different project and region. That sounds like it could be the issue.
upvoted 0 times
...
Carline
8 months ago
Hmm, this question seems a bit tricky. I'm not sure what the correct answer is, but I'll give it my best shot.
upvoted 0 times
...

Save Cancel