CSSLP Question #393: Real Exam Question with Answer & Explanation

The correct answer is B: AMD Secure Memory Encryption (SME). AMD Secure Memory Encryption (SME) is a processor security feature that provides hardware-based encryption of system memory to protect sensitive information from physical memory extraction attacks.

Secure Software Concepts

Question

Which processor security feature provides hardware based encryption of system memory to protect sensitive information from physical memory extraction?

Options

ARole Based Access Control (RBAC)
BAMD Secure Memory Encryption (SME)
CSoftware Guard Extensions (SGX)
DSeparation Kernel Protection Profiles (SKPP)

Explanation

AMD Secure Memory Encryption (SME) is a processor security feature that provides hardware-based encryption of system memory to protect sensitive information from physical memory extraction attacks.

Common mistakes.

A. Role Based Access Control (RBAC) is a software-based access control mechanism that restricts system access to authorized users based on their roles, not a hardware feature for memory encryption.
C. Software Guard Extensions (SGX) is an Intel technology that allows applications to create protected enclaves in memory for secure code and data execution, but it's focused on protecting specific application code/data, not the entire system memory from physical extraction.
D. Separation Kernel Protection Profiles (SKPP) are security certification standards for high-assurance operating systems and hypervisors, not a specific processor security feature for memory encryption.

Concept tested. Processor memory encryption features

Reference. https://www.amd.com/en/developer/system/confidential-computing.html

Topics

#Hardware Security#Memory Encryption#Processor Security Features#Physical Security

Community Discussion

No community discussion yet for this question.

Full CSSLP Practice Browse All CSSLP Questions