In an effort for your company messaging app to comply with FIPS 140-2, a decision was made to use GCP compute and network services. The messaging app architecture includes a Managed Instance Group (MIG) that controls a cluster of Compute Engine instances. The instances use Local SSDs for data caching and UDP for instance-to-instance communications. The app development team is willing to make any changes necessary to comply with the standard Which options should you recommend to meet the requirements?
A) Encrypt all cache storage and VM-to-VM communication using the BoringCrypto module.
B) Set Disk Encryption on the Instance Template used by the MIG to customer-managed key and use BoringSSL for all data transit between instances. Set Disk Encryption on the Instance Template used by the MIG to customer-managed key and use BoringSSL for all data transit between instances.
C) Change the app instance-to-instance communications from UDP to TCP and enable BoringSSL on clients' TLS connections.
D) Set Disk Encryption on the Instance Template used by the MIG to Google-managed Key and use BoringSSL library on all instance-to-instance communications. Google-managed Key and use BoringSSL library on all instance-to-instance communications.
Correct Answer:
Verified
Q68: An engineering team is launching a web
Q69: Your team wants to make sure Compute
Q70: A customer wants to deploy a large
Q71: As adoption of the Cloud Data Loss
Q72: A customer deployed an application on Compute
Q74: Your team needs to make sure that
Q75: You want data on Compute Engine disks
Q76: Your team wants to limit users with
Q77: An organization is evaluating the use of
Q78: You are the security admin of your
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents