An SSL/TLS private key is installed on a corporate web proxy in order to inspect HTTPS requests. Which of the
following describes how this private key should be stored so that it is protected from theft?

A.
Implement full disk encryption

B.
Store on encrypted removable media

C.
Utilize a hardware security module

D.
Store on web proxy file system

Explanation:
Hardware Security Module (HSM) hardware-based encryption solution that is usually used in conjunction with
PKI to enhance security with certification authorities (CAs). It is available as an expansion card and can
cryptographic keys, passwords, or certificates.