Cloud Key Management Service: Incorrect Statement | CDL Exam Question | Google

Cloud Key Management Service Capability: Incorrect Statement

Prev Question Next Question

Question

Your organization is using Cloud Key Management Service to perform cryptographic operations. Identify the incorrect statement with regards to Cloud Key Management Service capability.

Answers

A. Performing Application-level encryption on Memorystore

B. Using Application compatible third-party software to implement PCI Data Security Standard Compliance

C. Performing encryption and decryption of data with symmetric key

D. Performing encryption and decryption of data with asymmetric key.

Show Answer

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

Correct Answer: B.

Option A is incorrect.

Application-level encryption on Memorystore can be performed using Cloud Key Management Service.

Option B is correct.

Third-party software is not needed to implement PCI Data Security Standard Compliance.

Option C is incorrect.

Encryption and decryption of data with symmetric keys can be performed using Cloud Key Management Service.

Option D is incorrect.

Encryption and decryption of data with asymmetric keys can be performed using Cloud Key Management Service.

https://cloud.google.com/kms/docs#use-cases

The incorrect statement with regards to Cloud Key Management Service capability is:

A. Performing Application-level encryption on Memorystore.

Explanation:

Cloud Key Management Service (KMS) is a cloud-hosted key management service that lets you manage cryptographic keys and perform cryptographic operations in a single, centralized cloud service.
Cloud KMS allows you to create, use, rotate, and destroy cryptographic keys to protect your cloud services and resources.
Cloud KMS supports symmetric and asymmetric keys, and can perform encryption and decryption of data using both types of keys.
Cloud KMS can also integrate with other Google Cloud services, such as Memorystore, to perform cryptographic operations.
However, Cloud KMS does not perform application-level encryption on Memorystore. Memorystore is a managed in-memory data store service, and Cloud KMS is used to manage cryptographic keys and perform cryptographic operations, but not to provide application-level encryption on Memorystore.
Option A is therefore incorrect.
Option B is a valid statement, as Cloud KMS supports the use of third-party software to implement PCI DSS compliance.
Option C is also a valid statement, as Cloud KMS can perform encryption and decryption of data with symmetric keys.
Option D is also a valid statement, as Cloud KMS can perform encryption and decryption of data with asymmetric keys.

Therefore, the correct answer is A. Performing Application-level encryption on Memorystore.

Prev Question Next Question