PrepAway - Latest Free Exam Questions & Answers

Which of the following statements is true about data encryption as a method of protecting data?

Which of the following statements is true about data encryption as a method of protecting data?

PrepAway - Latest Free Exam Questions & Answers

A.
It should sometimes be used for password files

B.
It is usually easily administered

C.
It makes few demands on system resources

D.
It requires careful key Management

Explanation:
“Cryptography can be used as a security mechanism to provide confidentiality,
integrity, and authentication, but not if the keys are compromised in any way. The keys can be
captured, modified, corrupted, or disclosed to unauthorized individuals. Cryptography is based on
a trust mode. Individuals trust each other to protect their own keys, they trust the administrator
who is maintaining the keys, and they trust a server that holds, maintains and distributes the keys.
Many administrators know that key management causes one of the biggest headaches in
cryptographic implementation. There is more to key maintenance than using them to encrypt
messages. The keys have to be distributed securely to the right entities and updated continuously.
The keys need to be protected as they are being transmitted and while they are being stored on
each workstation and server. The keys need to be generated, destroyed, and recovered properly,
Key management can be handled through manual or automatic processes.
Unfortunately, many companies use cryptographic keys, but rarely if ever change them. This is
because of the hassle of key management and because the network administrator is already
overtaxed with other tasks or does not realize the task actually needs to take place. The frequency

of use of a cryptographic key can have a direct correlation to often the key should be changed.
The more a key is used, the more likely it is to be captured and compromised. If a key is used
infrequently, then this risk drops dramatically. The necessary level of security and the frequency of
use can dictate the frequency of the key updates.
Key management is the most challenging part of cryptography and also the most crucial. It is one
thing to develop a very complicated and complex algorithm and key method, but if the keys are not
securely stored and transmitted, it does not really matter how strong the algorithm is. Keeping
keys secret is a challenging task.” Pg 512-513 Shon Harris CISSP Certification All-In-One Exam
Guide


Leave a Reply