Which feature of Cloud Key Management Service helps prevent accidental delete?
Click on the arrows to vote for the correct answer
A. B. C. D.Correct Answer: B.
Option A is incorrect.
Key material destruction built-in delay is 24-hours and 12-hour.
Option B is correct.
Key material destruction built-in delay is 24-hours.
Option C is incorrect.
Ability to create external keys with EKM does not help prevent accidental deletion, but helps generate external keys using supported external key managers.
Option D is incorrect.
Ability of at-will key rotation, does not help prevent accidental deletion, but allows customers to set rotation schedules to automatically generate new keys at certain fixed time intervals.
https://cloud.google.com/security-key-management#section-9The feature of Cloud Key Management Service that helps prevent accidental delete is the built-in 24-hour delay for key material destruction, which is option B.
Cloud Key Management Service (KMS) is a cloud-based service that provides cryptographic key management for applications and services. It helps you to create, use, rotate, and destroy cryptographic keys that are used to encrypt your data.
One of the risks of key management is accidental deletion of keys, which can lead to data loss and security breaches. To mitigate this risk, Cloud KMS provides a built-in 24-hour delay for key material destruction. This means that when you request to destroy a key, the key material is not immediately deleted. Instead, it is marked for destruction and kept for a minimum of 24 hours before it is permanently deleted.
During this 24-hour delay period, you can cancel the key destruction request if you realize that you have made a mistake. This gives you a chance to recover the key and avoid data loss or security breaches. After the 24-hour delay period, the key material is permanently deleted and cannot be recovered.
Option A, built-in 12-hour delay for key material destruction, is incorrect because the actual delay period is 24 hours, not 12 hours. Option C, the ability to create external keys with EKM, is unrelated to preventing accidental key deletion. Option D, the ability of at-will key rotation, is a different feature of Cloud KMS that allows you to rotate keys at any time to enhance security.