CAS-005 · Question #241
CAS-005 Question #241: Real Exam Question with Answer & Explanation
The correct answer is A: Encrypting using a key stored in an on-premises hardware security module. Control: On-premises HSMs provide the highest level of control over encryption keys. The organization has physical and logical control over the HSM and the keys stored within it. Security: HSMs are designed to be tamper-resistant and protect keys from unauthorized access, even if
Question
Which of the following key management practices ensures that an encryption key is maintained within the organization?
Options
- AEncrypting using a key stored in an on-premises hardware security module
- BEncrypting using server-side encryption capabilities provided by the cloud provider
- CEncrypting using encryption and key storage systems provided by the cloud provider
- DEncrypting using a key escrow process for storage of the encryption key
Explanation
Control: On-premises HSMs provide the highest level of control over encryption keys. The organization has physical and logical control over the HSM and the keys stored within it. Security: HSMs are designed to be tamper-resistant and protect keys from unauthorized access, even if the surrounding systems are compromised. Compliance: In some industries, regulatory requirements may mandate that organizations maintain direct control over their encryption keys. On-premises HSMs can help meet these
Community Discussion
No community discussion yet for this question.