A financial institution is planning to deploy a highly sensitive application on GCP. This application will handle both credit card data and PII. What service and feature combination should be considered for data encryption at rest and in transit?
Choose an answer
Tap an option to check your answer.
Correct answer: Cloud KMS and SSL Certificates.
Why this is the answer
*Explanation:* A. Correct. Cloud KMS for data encryption at rest and SSL Certificates for in-transit encryption. B. Incorrect. Cloud HSM is good for encryption at rest but VPC Peering is not specifically for encryption in transit. C. Incorrect. Secret Manager is for managing secrets, not data encryption. D) Incorrect. Firestore with CMEK and Cloud CDN doesn't offer comprehensive security for sensitive data. E) Incorrect. BigQuery and DLP are not primarily designed for both types of encryption.
Pass your exam — without the endless answer hunt
Get every verified question and explanation for this exam in one place, and save hours of prep. 1,000+ certifications · 20+ languages · free to start.
Pass your exam faster → No card needed