🔥 3-day streak
Professional Cloud Architect59 / 169
Question 59 of 169

A financial services company is migrating a customer-records application to Google Cloud. Their regulator requires that the company retain sole control over the encryption keys protecting customer data at rest, including the ability to revoke Google's access to decrypt the data at any time, while still using Google-managed storage services. The security team also wants to avoid operating and patching their own on-premises key infrastructure. Which encryption key management approach best satisfies these requirements?

Reviewed for accuracy · Report an issueNext question