Official Google Cloud Certified Professional Cloud Architect Study Guide by Dan Sullivan
Author:Dan Sullivan
Language: eng
Format: epub, pdf
ISBN: 9781119602491
Publisher: Wiley
Published: 2019-10-04T12:00:00+00:00
Google Cloud manages much of the encryption process, including managing keys. This is helpful for users who want Google Cloud to manage all aspects of encryption. In cases where organizations need to manage their own keys, they will have to use one of two key management methods, described in the “Key Management” section.
Before delving into key management, let’s look at encryption in transit.
Encryption in Transit
Encryption in transit, also called encryption in motion, is used to protect the confidentiality and integrity of data in the event that the data is intercepted in transit. GCP uses a combination of authenticating sources and encryption to protect data in transit.
Google distinguishes data in transit on the Google network and data in transit on the public Internet. Data within the boundaries of the Google network is authenticated but may not be encrypted. Data outside the physical boundaries of the Google network is encrypted.
Users of applications running in Google Cloud communicate with the application over the Internet. Traffic incoming from users to the Google Cloud is routed to the Google Front End, a globally distributed proxy service. The Google Front End terminates HTTP and HTTPS traffic and routes it over the Google network to servers running the application. The Google Front End provides other security services, such as protecting against distributed denial-of-service (DDoS) attacks. Google Front End also implements global load balancers.
All traffic to Google Cloud services is encrypted by default. Google Cloud and the client negotiate how to encrypt data using either Transport Layer Security (TLS) or the Google-developed protocol QUIC (in the past, this term stood for Quick UDP Internet Connections, but now the name of the protocol is simply QUIC).
Within the Google Cloud infrastructure, Google uses Application Layer Transport Security (ALTS) for authentication and encryption. This is done at layer 7 of the OSI network model.
GCP offers encryption at rest and encryption in transit by default. Cloud users do not have to do anything to ensure that encryption is applied to their data. Users of GCP services can, however, determine how encryption keys are managed.
Download
Official Google Cloud Certified Professional Cloud Architect Study Guide by Dan Sullivan.pdf
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
Sass and Compass in Action by Wynn Netherland Nathan Weizenbaum Chris Eppstein Brandon Mathis(7916)
Grails in Action by Glen Smith Peter Ledbrook(7884)
Azure Containers Explained by Wesley Haakman & Richard Hooper(7218)
Configuring Windows Server Hybrid Advanced Services Exam Ref AZ-801 by Chris Gill(7217)
Running Windows Containers on AWS by Marcio Morales(6752)
Kotlin in Action by Dmitry Jemerov(5299)
Microsoft 365 Identity and Services Exam Guide MS-100 by Aaron Guilmette(5276)
Microsoft Cybersecurity Architect Exam Ref SC-100 by Dwayne Natwick(4992)
Combating Crime on the Dark Web by Nearchos Nearchou(4857)
The Ruby Workshop by Akshat Paul Peter Philips Dániel Szabó and Cheyne Wallace(4548)
Management Strategies for the Cloud Revolution: How Cloud Computing Is Transforming Business and Why You Can't Afford to Be Left Behind by Charles Babcock(4494)
The Age of Surveillance Capitalism by Shoshana Zuboff(4118)
Python for Security and Networking - Third Edition by José Manuel Ortega(4105)
Learn Wireshark by Lisa Bock(3917)
The Ultimate Docker Container Book by Schenker Gabriel N.;(3766)
Learn Windows PowerShell in a Month of Lunches by Don Jones(3573)
DevSecOps in Practice with VMware Tanzu by Parth Pandit & Robert Hardt(3436)
Blockchain Basics by Daniel Drescher(3430)
Mastering Azure Security by Mustafa Toroman and Tom Janetscheck(3427)
