Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Google Exam Professional Cloud Security Engineer Topic 3 Question 71 Discussion

Actual exam question for Google's Professional Cloud Security Engineer exam
Question #: 71
Topic #: 3
[All Professional Cloud Security Engineer Questions]

You are setting up a new Cloud Storage bucket in your environment that is encrypted with a customer managed encryption key (CMEK). The CMEK is stored in Cloud Key Management Service (KMS). in project "pr j -a", and the Cloud Storage bucket will use project "prj-b". The key is backed by a Cloud Hardware Security Module (HSM) and resides in the region europe-west3. Your storage bucket will be located in the region europe-west1. When you create the bucket, you cannot access the key. and you need to troubleshoot why.

What has caused the access issue?

Show Suggested Answer Hide Answer
Suggested Answer: D

When you use a customer-managed encryption key (CMEK) to secure a Cloud Storage bucket, the key and the bucket must be located in the same region. In this case, the key is in europe-west3 and the bucket is in europe-west1, which is why you're unable to access the key.


by Glory at Jan 24, 2024, 02:04 AM

Limited Time Offer

25%

Off

Get Premium Professional Cloud Security Engineer Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Kirk
11 months ago
Yeah, I'm leaning towards option C as the correct answer. It makes sense that if the CMEK is in a different project, the Cloud Storage bucket wouldn't be able to access it.
upvoted 0 times
Carin
10 months ago
Yeah, it does seem like the most straightforward explanation.
upvoted 0 times
...
Kirby
10 months ago
Could be, but I still think the project mismatch is the main reason.
upvoted 0 times
...
Elouise
10 months ago
A) A firewall rule prevents the key from being accessible.
upvoted 0 times
...
Nakita
10 months ago
It's possible, but I think the project being different is the main issue.
upvoted 0 times
...
Antonio
10 months ago
Do you think it could also be because the key is in a different region?
upvoted 0 times
...
Cory
10 months ago
That's a good point, it does seem like the most likely cause.
upvoted 0 times
...
Casie
10 months ago
C) The CMEK is in a different project than the Cloud Storage bucket
upvoted 0 times
...
...
Antonio
11 months ago
I agree, the different project and region for the CMEK and the Cloud Storage bucket seems like the most likely cause of the access issue. But let's not rule out the other options just yet.
upvoted 0 times
...
Deangelo
11 months ago
Okay, let's think this through step-by-step. We have a Cloud Storage bucket that's encrypted with a CMEK, and the key is in a different project and region. That sounds like it could be the issue.
upvoted 0 times
...
Carline
11 months ago
Hmm, this question seems a bit tricky. I'm not sure what the correct answer is, but I'll give it my best shot.
upvoted 0 times
...

Save Cancel