Migrating a legacy application to GCP with strict compliance requirements for data encryption, both at rest and in transit, what combination of services and features should be used?
Choose an answer
Tap an option to check your answer.
Correct answer: Compute Engine with Shielded VMs & HTTPS Load Balancer.
Why this is the answer
*The combination of Compute Engine with Shielded VMs and an HTTPS Load Balancer is best suited for migrating a legacy application to GCP with strict compliance requirements around data encryption at rest and in transit. Shielded VMs on Compute Engine provide enhanced security features, including mechanisms to ensure data encryption at rest. The HTTPS Load Balancer adds an additional layer of security by ensuring that data in transit is encrypted, meeting the compliance requirements for secure data transmission. Other options, such as App Engine environments or Kubernetes Engine with Istio, do not offer the same comprehensive solution for both encryption at rest and in transit. Customer-managed encryption keys on Compute Engine and Cloud VPN primarily focus on encryption at rest and secure communication, respectively, but do not fully address the combined need for encryption both at rest and in transit in a legacy application migration scenario.*
Pass your exam — without the endless answer hunt
Get every verified question and explanation for this exam in one place, and save hours of prep. 1,000+ certifications · 20+ languages · free to start.
Pass your exam faster → No card needed