CCSP Question #281: Real Exam Question with Answer & Explanation

The correct answer is A: Cloud provider also managing the organization's keys. Crypto-shredding relies on the destruction of cryptographic keys to render encrypted data unreadable; this process is undermined if the cloud provider also retains or manages the encryption keys.

Submitted by renata2k· Apr 18, 2026Cloud Data Security

Question

Which of the following might make crypto-shredding difficult or useless? Response:

Options

ACloud provider also managing the organization's keys
BLack of physical access to the environment
CExternal attackers
DLack of user training and awareness

Explanation

Crypto-shredding relies on the destruction of cryptographic keys to render encrypted data unreadable; this process is undermined if the cloud provider also retains or manages the encryption keys.

Common mistakes.

B. Lack of physical access to the environment is typically a characteristic of cloud computing but doesn't inherently make crypto-shredding useless, as it's a logical data destruction method.
C. External attackers are a threat that crypto-shredding aims to protect against by rendering data useless if exfiltrated, so they don't make the process useless.
D. Lack of user training and awareness is a general security weakness but doesn't directly impede the technical process of crypto-shredding.

Concept tested. Crypto-shredding effectiveness and key management

Reference. https://learn.microsoft.com/en-us/azure/security/fundamentals/data-encryption-best-practices#data-at-rest-encryption-in-the-azure-security-model

Topics

#Crypto-shredding#Data sanitization#Key management#Cloud data security

Community Discussion

No community discussion yet for this question.

Full CCSP Practice Browse All CCSP Questions