GCP Professional Cloud Security Engineer Practice Question
Your organization plans to migrate an existing Java application to Google Cloud. Regulatory guidance requires that sensitive customer data remain encrypted while it is being processed in memory (data-in-use). The team wants to meet this requirement without changing application code or libraries. Which Google Cloud feature should you enable on the Compute Engine instances that will host the workload?
Enable Confidential VMs for the Compute Engine instances
Run the instances as Shielded VMs with Secure Boot
Place the instances inside a VPC Service Controls perimeter
Store application keys in Cloud HSM-protected key rings
Confidential VMs use AMD SEV or Intel TDX to encrypt each virtual machine's memory so data stays protected even while the CPU is processing it. Because the encryption happens at the hypervisor level, no application code changes are needed. Shielded VMs add firmware and boot-chain protections but do not encrypt data in use. Cloud HSM and Cloud KMS protect encryption keys at rest or in transit, not the runtime memory of workloads. VPC Service Controls build a network perimeter but provide no in-use encryption.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are Confidential VMs in Google Cloud?
Open an interactive chat with Bash
How does memory encryption work in Confidential VMs?
Open an interactive chat with Bash
What is the difference between Shielded VMs and Confidential VMs?
Open an interactive chat with Bash
What is a Confidential VM in Google Cloud?
Open an interactive chat with Bash
How does encryption at the hypervisor level work in Confidential VMs?
Open an interactive chat with Bash
How do Confidential VMs differ from Shielded VMs?
Open an interactive chat with Bash
GCP Professional Cloud Security Engineer
Ensuring data protection
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .