CDPSE Question #24: Real Exam Question with Answer & Explanation

Question

Which of the following is the PRIMARY reason that a single cryptographic key should be used for only one purpose, such as encryption or authentication?

Options

• AIt eliminates cryptographic key collision.
• BIt minimizes the risk if the cryptographic key is compromised.
• CIt is more practical and efficient to use a single cryptographic key.
• DEach process can only be supported by its own unique key management process.

Explanation

The primary reason that a single cryptographic key should be used for only one purpose, such as encryption or authentication, is that it minimizes the risk if the cryptographic key is compromised. A cryptographic key is a piece of information that is used to perform cryptographic operations, such as encryption or authentication. Encryption is a process of transforming data into an unreadable form using a secret key or algorithm. Authentication is a process of verifying the identity or integrity of a user or data using a secret key or algorithm. If a single cryptographic key is used for multiple purposes, such as encryption and authentication, it increases the risk if the cryptographic key is compromised. For example, if an attacker obtains the cryptographic key that is used for both encryption and authentication, they can decrypt and access personal data, as well as impersonate or modify legitimate users or data. Therefore, a single cryptographic key should be used for only one purpose, and different keys should be used for different purposes.

No community discussion yet for this question.