You are the Security Engineer for a mid-sized company that has recently migrated its data storage to a cloud service provider. As part of the migration, the company needs to implement a robust data encryption strategy that secures sensitive data throughout its lifecycle. The service provider offers both at-rest and in-transit encryption. For additional assurance, the company wants a solution in which the encryption keys are managed independently of the cloud service provider. Which approach should you recommend to ensure the security and compliance of the data encryption lifecycle?
Options:
A. Use the cloud provider's built-in encryption service for both at-rest and in-transit data, and store the keys within the provider's key management system.
B. Implement client-side encryption using an external key management system before data is uploaded to the cloud, ensuring keys are managed outside of the cloud provider's environment.
C. Rely solely on the cloud provider's transit encryption, as this ensures data is protected while being transferred, and use a third-party backup service for additional security.
D. Deploy a hybrid solution where at-rest encryption is handled by the cloud provider and in-transit encryption is managed using an external VPN solution.
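Option B describes client-side envelope encryption with the key-encryption key held outside the provider. The Go program below is an added example, not part of the original question and not any vendor's SDK: each object is encrypted locally under a fresh data-encryption key (DEK), a hypothetical ExternalKMS type (an in-process stand-in for an on-premises HSM or a separately operated key manager; the names ExternalKMS, Object, EncryptForUpload and DecryptAfterDownload are this example's own) wraps that DEK under a key-encryption key (KEK) that never leaves it, and only ciphertext plus the wrapped DEK is what the provider would store. The object name is passed as GCM associated data, so a wrapped DEK cannot be transplanted onto a different object. The sample record is constructed for the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// Object is all the provider ever stores: ciphertext plus a wrapped DEK; no plaintext key.
type Object struct {
	Name       string
	Ciphertext []byte // AES-256-GCM under the DEK, nonce prepended, AAD = Name
	WrappedDEK []byte // AES-256-GCM under the KEK, nonce prepended, AAD = Name
}

// ExternalKMS is a hypothetical in-process stand-in for a key manager outside the
// provider's environment. It only wraps and unwraps DEKs; the KEK never leaves it.
type ExternalKMS struct{ kek []byte }

func NewExternalKMS() (*ExternalKMS, error) {
	kek := make([]byte, 32)
	if _, err := rand.Read(kek); err != nil {
		return nil, err
	}
	return &ExternalKMS{kek: kek}, nil
}
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// sealGCM encrypts with a fresh random nonce and prepends it to the output.
func sealGCM(key, plaintext, aad []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

// openGCM reverses sealGCM; any change to nonce, ciphertext, tag or AAD fails.
func openGCM(key, sealed, aad []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	if len(sealed) < gcm.NonceSize() {
		return nil, errors.New("sealed data too short")
	}
	return gcm.Open(nil, sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():], aad)
}

// WrapDEK binds the wrapped key to the object name via AAD, so it will not unwrap elsewhere.
func (k *ExternalKMS) WrapDEK(dek []byte, objectName string) ([]byte, error) {
	return sealGCM(k.kek, dek, []byte(objectName))
}
func (k *ExternalKMS) UnwrapDEK(wrapped []byte, objectName string) ([]byte, error) {
	return openGCM(k.kek, wrapped, []byte(objectName))
}

// EncryptForUpload is client-side envelope encryption: fresh DEK per object, data
// encrypted locally, DEK wrapped by the external KMS before anything is uploaded.
func EncryptForUpload(kms *ExternalKMS, name string, plaintext []byte) (*Object, error) {
	dek := make([]byte, 32)
	if _, err := rand.Read(dek); err != nil {
		return nil, err
	}
	ct, err := sealGCM(dek, plaintext, []byte(name))
	if err != nil {
		return nil, err
	}
	wrapped, err := kms.WrapDEK(dek, name)
	if err != nil {
		return nil, err
	}
	return &Object{Name: name, Ciphertext: ct, WrappedDEK: wrapped}, nil
}

// DecryptAfterDownload must unwrap the DEK through the KMS first; whoever holds
// only the stored Object (the provider included) is stopped at this step.
func DecryptAfterDownload(kms *ExternalKMS, obj *Object) ([]byte, error) {
	dek, err := kms.UnwrapDEK(obj.WrappedDEK, obj.Name)
	if err != nil {
		return nil, err
	}
	return openGCM(dek, obj.Ciphertext, []byte(obj.Name))
}

func main() {
	kms, _ := NewExternalKMS()
	record := []byte("id,name\n1,alice\n") // constructed sample data
	obj, _ := EncryptForUpload(kms, "customers/2024.csv", record)
	pt, err := DecryptAfterDownload(kms, obj)
	fmt.Println("roundtrip ok:", err == nil && string(pt) == string(record))
}
```

In a real deployment the WrapDEK and UnwrapDEK calls are requests to the HSM or external KMS, which is where access control and audit logging for key use belong; because data is encrypted under per-object DEKs, rotating the KEK only requires re-wrapping the stored DEKs, not re-encrypting the data itself.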