312-50V13 · Question #348
312-50V13 Question #348: Real Exam Question with Answer & Explanation
The correct answer is C: AES key size=192 bits: This configuration is a balance between options A and B, providing. Explanation Option C (AES-192) represents the optimal middle ground because it delivers stronger security than AES-128 while avoiding the unnecessary computational overhead of AES-256 or AES-512 - a critical consideration when RSA with n=4000 bits is already computationally expen
Question
You are the lead cybersecurity analyst at a multinational corporation that uses a hybrid encryption system to secure inter-departmental communications. The system uses RSA encryption for key exchange and AES for data encryption, taking advantage of the strengths of both asymmetric and symmetric encryption. Each RSA key pair has a size of 'n' bits, with larger keys providing more security at the cost of slower performance. The time complexity of generating an RSA key pair is O(n*2), and AES encryption has a time complexity of O(n). An attacker has developed a quantum algorithm with time complexity O((log n)*2) to crack RSA encryption. Given *n=4000' and variable `AES key size', which scenario is likely to provide the best balance of security and performance?
Options
- AAES key size=128 bits: This configuration provides less security than option A, but RSA key
- BAES key size=256 bits: This configuration provides a high level of security, but RSA key
- CAES key size=192 bits: This configuration is a balance between options A and B, providing
- DAES key size=512 bits: This configuration provides the highest level of security but at a significant
Explanation
Explanation
Option C (AES-192) represents the optimal middle ground because it delivers stronger security than AES-128 while avoiding the unnecessary computational overhead of AES-256 or AES-512 - a critical consideration when RSA with n=4000 bits is already computationally expensive (O(n²) key generation) and vulnerable to the quantum attack with complexity O((log n)²). Option A (AES-128) is incorrect because while it's the fastest, it sacrifices too much security, especially given that the quantum threat has already weakened the RSA layer, leaving AES as the primary security mechanism. Option B (AES-256) provides strong security but introduces performance costs that, when combined with the heavy RSA overhead at n=4000, create an imbalanced system that leans too far toward security at the expense of practicality. Option D (AES-512) is incorrect because AES does not natively support 512-bit keys in standard implementations, making this an unrealistic and inefficient choice that disqualifies it immediately.
Memory Tip: Think of the "Goldilocks Rule" - not too weak (128), not too heavy (256/512), but just right (192). When balancing security and performance under threat, the middle key size is your safe harbor. If one security layer (RSA) is compromised, the other (AES) must compensate without crippling performance.
Topics
Community Discussion
No community discussion yet for this question.