SG0-001 · Question #99
Which of the following will be required to be able to read the data on an encrypted LTO-4 backup tape, if the tape has to be imported at the DR target site?
The correct answer is A. Encryption keys from the source site. To successfully read data from an encrypted LTO-4 backup tape imported at a disaster recovery site, the specific encryption keys used at the source site are absolutely required for decryption.
Question
Which of the following will be required to be able to read the data on an encrypted LTO-4 backup tape, if the tape has to be imported at the DR target site?
Options
- AEncryption keys from the source site
- BAn LTO-3 tape drive which supports encryption
- CPlain text cipher key from the source site
- DIPSec encryption keys and ACLs from the source site
How the community answered
(38 responses)- A87% (33)
- B3% (1)
- C3% (1)
- D8% (3)
Why each option
To successfully read data from an encrypted LTO-4 backup tape imported at a disaster recovery site, the specific encryption keys used at the source site are absolutely required for decryption.
LTO tape encryption relies on symmetric encryption keys; without the exact key used during the encryption process, the data on the tape remains unreadable, regardless of the tape drive or other configurations.
An LTO-3 tape drive may not be compatible with LTO-4 tapes for reading, and even if it were, it does not provide the encryption keys necessary to decrypt the data.
A 'plain text cipher key' is a vague term, but generally, the specific encryption key, often managed by a key management system, is required, not a generic plain text string.
IPSec encryption keys and ACLs are used for securing network communications and are not relevant for decrypting data stored offline on a physical backup tape.
Concept tested: LTO tape encryption key management
Source: https://www.ibm.com/docs/en/ts3500-tape-library?topic=management-lto-encryption-key
Topics
Community Discussion
No community discussion yet for this question.