Which of the following would be used when a higher level of security is desired for encryption key
storage?

A.
TACACS+

B.
L2TP

C.
LDAP

D.
TPM

Explanation:
Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the
system’s motherboard and is enabled or disable in BIOS. It helps with hash key generation and stores
cryptographic keys, passwords, or certificates.
Incorrect Answers:
A: Terminal Access Controller Access-Control System (TACACS) is an authentication and authorization
system that accepts credentials from multiple methods, including Kerberos. It is used in client/server
network environments to control access. It does not provide higher levels of security for encryption key
storage.B: Layer 2 Tunneling Protocol (L2TP) is a used to create a channel for netwrk communication between
two systems. However, it does not secure the data transmitted over the channel. It does not provide
higher levels of security for encryption key storage.
C: Lightweight Directory Access Protocol (LDAP) is a directory access protocol that allows queries to run
against the directory’s database. It does not provide higher levels of security for encryption key storage.

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
2014, pp. 144, 146, 147, 237