Apr 30 • 🙋♂️ CISSP
Practice Question
Question:An organization has decided to upgrade its data center with new encryption modules to support FIPS 140-3 compliance. As the lead security architect, you must ensure that the hardware security modules (HSMs) meet this requirement. The vendor offers two types: one that is FIPS 140-2 validated and another that is currently undergoing 140-3 testing. What is the MOST appropriate decision?
A. Select the FIPS 140-2 validated HSM, as it is already compliant.
B. Choose the 140-3 model to future-proof the environment.
C. Wait for the 140-3 model to be validated before making a decision.
D. Implement the 140-2 version temporarily and plan to migrate to 140-3.
3
8 comments
Practice Question
skool.com/cybersecurity-study-group
Share resources, get advice, and connect with peers studying cybersecurity. Join our CISSP study group and connect with fellow professionals today!
Leaderboard (30-day)
1
+46
2
+17
3
+15
4
+14
5
+10
Powered by