Exam CS0-002 topic 1 question 120 discussion

Without encryption, an insider threat can steal the server's HD.

I would first say Air Gapped and backed up hourly because in the workplace, it is very common to take backups at minimum on a daily basis (hourly is even better) but i dont think backed up hourly falls under the definition of "secure state" so i have to go with air gapped and powered off. So i have to go with C and F.

Full disk encrypted: This ensures that even if the physical server is compromised, the data on the disk remains protected. Air gapped: This isolates the CA server from any network connection, preventing unauthorized access and potential malware infections.

rule number 1. a powered down system is a secured system because it cant be compromise 2, an air gap is a pretty secure security measure. if they asked for 3 then we can talk encryption now.

Airgapped, because Root CA never goes online Encrypted in case the HDD or server will be stolen

Our tutor was telling us about a certificate signing ceremony https://www.keyfactor.com/blog/top-5-root-ca-key-signing-ceremony-mistakes/ Please read Mistake #1 - Never bring a root CA online

Because I'm confident with this answer

By placing the certificate authority server on a private VLAN, it is isolated from other networks and can only be accessed by authorized users. This helps to reduce the risk of unauthorized access and potential attacks. Options A and F are the most secure states for the certificate authority server when it is not in use. Full disk encryption, backing up hourly, and VPN accessibility can provide additional security measures but do not guarantee the server's complete isolation and protection from unauthorized access or attacks. Powering off the server is also a secure state, but it would not allow the server to be used when it is needed.

Encryption will help with physical attacks. And powered off will prevent remote attacks

CF Powered Off is the Most secure state. Don't think of it too hard. I work in a field that yells this all the time.

The most secure states for the certificate authority server when it is not in use are: B. Full disk encrypted: This would prevent unauthorized access to the server's data in case the server is stolen or misplaced. This is especially important for a server that holds sensitive data like a certificate authority. F. Air gapped: An air-gapped system is physically isolated from other networks, which can prevent it from being accessed or compromised remotely. This can be an effective way to protect the certificate authority server from attacks, particularly those that may be launched over a network. While the other options, such as on a private VLAN, powered off, backed up hourly, or VPN accessible only, may provide some degree of security, they may not be sufficient to protect the certificate authority server from advanced attacks that may target the server's data and resources.

root certificate authority is a certificate authority which has been isolated from network access, and is often kept in a powered-down state.

CA should be off and completely isolated based on the good practices. Going for C&F here.

I think we all agree F for the purposes of physical security, but what about a technical control. I see the argument for powered off, however those choosing powered off seem to be concerning data at rest only and that's because the question says when the server is not in use. I'll still go with encryption being better than simply turning it off.

The two most secure states for the certificate authority server when it is not in use would likely be "Powered off" and "Air gapped". Powered off: This minimizes the attack surface of the server and reduces the risk of unauthorized access or manipulation. Air gapped: By physically separating the server from other networks, it makes it significantly more difficult for attackers to penetrate the network and access sensitive data. Additionally, air gapping ensures that malware cannot spread from one network to another.

Your root CA should be standalone, and offline. That is to say, it should not be connected to a forest, and in fact, it should not ever be connected to any network. A Root CA’s only purpose is to sign and revoke subordinate CAs certificate requests, and create a periodic Certificate Revocation List file. That’s it. Other than that, there is no reason for this CA to even be powered on. Your root CA should be immune from online threats, as it’s not online, and should be physically and logically protected. Your root CA should never be put online for any reason ever. The moment you put this server online, your claim of “offline root” is no longer completely legitimate. https://social.technet.microsoft.com/Forums/en-US/342b2de5-0496-4b0c-aeb7-83069a545712/root-ca-offline?forum=winserversecurity

Specifically for FDE. “When not in use” makes me think of data at rest.