18 Aug Practice Test Question-Key Management
Preparing for your next security certification exam? After trying your hand at this practice test question, join the FREE CertMike Study Group for the CISSP, Security+, CySA+, PenTest+, CISM+ or SSCP certification to receive new questions each week. You’ll also receive free access to my customized study strategies.
Yolanda would like to find a secure mechanism for managing keys in her cloud environment. She wants to protect key material from access by her own staff and the cloud vendor. What approach would best meet her needs?
A. Hardware Security Module (HSM)
B. Storing keys on a separate key server
C. Storing keys on the same servers
D. Storing keys in a password vault
Correct Answer: A
Using a cloud-based hardware security module (HSM) provides the key management that Yolanda desires, protecting keys from viewing by anyone. The other approaches all expose keys to vendor staff and/or Yolanda’s own team and would not provide the same high level of secrets management as an HSM..