SY0-301 · Question #131
SY0-301 Question #131: Real Exam Question with Answer & Explanation
The correct answer is D: Hardware encryption is faster than software encryption.. HSMs (Hardware Security Modules) are dedicated cryptographic processors that outperform software-based encryption in speed and security. They offload cryptographic operations from the CPU using specialized hardware.
Question
Options
- AThumb drives present a significant threat which is mitigated by HSM.
- BSoftware encryption can perform multiple functions required by HSM.
- CData loss by removable media can be prevented with DLP.
- DHardware encryption is faster than software encryption.
Explanation
HSMs (Hardware Security Modules) are dedicated cryptographic processors that outperform software-based encryption in speed and security. They offload cryptographic operations from the CPU using specialized hardware.
Common mistakes.
- A. Thumb drives are a removable media threat addressed by DLP or port controls, not HSMs, which are focused on cryptographic key protection and hardware-accelerated encryption.
- B. Software encryption cannot replicate the tamper-resistance, physical key isolation, and dedicated processing speed that HSMs provide - it is specifically the hardware nature of HSM that differentiates it.
- C. DLP (Data Loss Prevention) addresses data exfiltration via removable media, which is a separate concern from the cryptographic acceleration and key protection role of an HSM.
Concept tested. Hardware Security Module purpose and performance advantage
Reference. https://learn.microsoft.com/en-us/azure/key-vault/managed-hsm/overview
Community Discussion
No community discussion yet for this question.