SY0-301 · Question #434
A bank has a fleet of aging payment terminals used by merchants for transactional processing. The terminals currently support single DES but require an upgrade in order to be compliant with security s
The correct answer is B. 3DES. 3DES is the simplest upgrade from single DES on aging terminals because it uses the same underlying DES algorithm applied three times, requiring minimal changes to existing hardware and firmware.
Question
A bank has a fleet of aging payment terminals used by merchants for transactional processing. The terminals currently support single DES but require an upgrade in order to be compliant with security standards. Which of the following is likely to be the simplest upgrade to the aging terminals which will improve in-transit protection of transactional data?
Options
- AAES
- B3DES
- CRC4
- DWPA2
How the community answered
(30 responses)- B93% (28)
- C3% (1)
- D3% (1)
Why each option
3DES is the simplest upgrade from single DES on aging terminals because it uses the same underlying DES algorithm applied three times, requiring minimal changes to existing hardware and firmware.
AES uses a completely different cipher algorithm and block size than DES, requiring significant hardware or firmware redesign on terminals built around DES logic.
Triple DES (3DES) is architecturally derived from single DES, applying the DES cipher three times with different keys to dramatically increase effective key length (up to 168-bit). Because legacy terminals already implement DES, upgrading to 3DES is a minimal change that reuses the existing cipher engine, making it far simpler than a full AES implementation while meeting PCI-DSS compliance requirements for in-transit encryption.
RC4 is a stream cipher (not a block cipher like DES) and is considered cryptographically broken, making it unsuitable for compliance or security improvements.
WPA2 is a wireless network security protocol, not a data-in-transit encryption standard applicable to wired payment terminal transaction processing.
Concept tested: Upgrading legacy DES encryption to 3DES for compliance
Source: https://learn.microsoft.com/en-us/dotnet/api/system.security.cryptography.tripledes
Topics
Community Discussion
No community discussion yet for this question.