Exam Professional-Cloud-Security-Engineer Topic 3 Question 30 Discussion
Actual exam question for Google's Professional-Cloud-Security-Engineer exam
Question #: 30
Topic #: 3
Question #: 30
Topic #: 3
Your company is storing sensitive data in Cloud Storage. You want a key generated on-premises to be used in the encryption process.
What should you do?
What should you do?
Suggested Answer: C Vote an answer
This is a Customer-supplied encryption keys (CSEK).
We generate our own encryption key and manage it on-premises.
A KEK never leaves Cloud KMS.There is no KEK or KMS on-premises.
Encryption at rest by default, with various key management options.
https://cloud.google.com/security/encryption-at-rest
We generate our own encryption key and manage it on-premises.
A KEK never leaves Cloud KMS.There is no KEK or KMS on-premises.
Encryption at rest by default, with various key management options.
https://cloud.google.com/security/encryption-at-rest
by Leona at May 11, 2026, 02:12 AM
0
0
0
10
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).