ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CAS-004 All Questions

View all questions & answers for the CAS-004 exam
Go to Exam

Exam CAS-004 topic 1 question 591 discussion

Actual exam question from CompTIA's CAS-004
Question #: 591
Topic #: 1
[All CAS-004 Questions]

An organization has been using self-managed encryption keys rather than the free keys managed by the cloud provider. The Chief Information Security Officer (CISO) reviews the monthly bill and realizes the self-managed keys are more costly than anticipated. Which of the following should the CISO recommend to reduce costs while maintaining a strong security posture?

  • A. Utilize an on-premises HSM to locally manage keys.
  • B. Adjust the configuration for cloud provider keys on data that is classified as public.
  • C. Being using cloud-managed keys on all new resources deployed in the cloud.
  • D. Extend the key rotation period to one year so that the cloud provider can use cached keys.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by axelcanoble at Dec. 31, 2024, 5:15 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Steel16
3 months, 3 weeks ago
Selected Answer: C
o Option C: Begin using cloud-managed keys on all new resources deployed in the cloud.  Cost Efficiency: Cloud-managed keys are typically less expensive than self-managed keys because the cloud provider handles the infrastructure and management.  Security: Cloud providers offer robust security measures and compliance certifications, ensuring that the keys are managed securely.  Simplicity: Using cloud-managed keys simplifies key management processes, reducing the administrative burden on the organization.
upvoted 1 times
Steel16
3 months, 3 weeks ago
o Option B, "Adjust the configuration for cloud provider keys on data that is classified as public," might seem like a cost-saving measure, but it has some drawbacks:  Limited Scope: This option only applies to data classified as public. While it might reduce costs for that specific data, it doesn't address the broader need for cost reduction across all data types.  Security Concerns: Public data might not require the same level of encryption as sensitive data, but adjusting configurations could lead to inconsistencies in how data is protected. This could complicate security management and potentially introduce vulnerabilities.
upvoted 3 times
...
...
axelcanoble
6 months, 1 week ago
Selected Answer: B
Answer: B Using cloud provider-managed encryption keys for data that is classified as public reduces costs because cloud-managed keys are typically included as part of the provider's services at no extra charge. At the same time, public data does not require the high-security level provided by self-managed keys, maintaining a strong security posture while reducing unnecessary expenses.
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel