ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CAS-004 All Questions

View all questions & answers for the CAS-004 exam
Go to Exam

Exam CAS-004 topic 1 question 201 discussion

Actual exam question from CompTIA's CAS-004
Question #: 201
Topic #: 1
[All CAS-004 Questions]

A security analyst sees that a hacker has discovered some keys and they are being made available on a public website. The security analyst is then able to successfully decrypt that data using the keys from the website. Which of the following should the security analyst recommend to protect the affected data?

  • A. Key rotation
  • B. Key escrow
  • C. Zeroization
  • D. Cryptographic obfuscation
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by FOURDUE at Feb. 6, 2023, 4:13 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
eomsg001
Highly Voted 2 years, 4 months ago
This is a repeat question to #178
upvoted 10 times
Mundo
2 years, 2 months ago
This one leaves out the answer choice of Key revocation which was the correct to #178
upvoted 11 times
isaphiltrick
11 months, 4 weeks ago
Doesn't that tell you that "key revocation" may not have been the correct answer for #178?
upvoted 2 times
...
...
...
FOURDUE
Highly Voted 2 years, 4 months ago
Selected Answer: A
KEY ROTATION - Purposely changing keys on a periodic basis to mitigate issues associated with brute force attacks or unidentified key breach incidents. Previous key must be revoked as part of the rotation process.
upvoted 6 times
...
Djonzi
Most Recent 2 months, 3 weeks ago
Selected Answer: A
A. it is same question with different choises as Q178
upvoted 2 times
...
Steel16
4 months, 1 week ago
Selected Answer: C
This is not "Key rotation" , "Key rotation" because refers to the practice of periodically replacing an old cryptographic key with a new one at a planned interval, The right answer is Zeroization which is used in cryptography to prevent sensitive parameters from being disclosed if the equipment is captured. It's also used to automatically erase or destroy data when a system transitions to a state where an adversary might have access to the data.
upvoted 1 times
...
Delab202
1 year, 5 months ago
Selected Answer: A
Key rotation is a security practice that involves periodically replacing cryptographic keys with new ones to enhance the security of a system. This process is crucial for managing cryptographic materials used for encryption, decryption, digital signatures, and other security-related operations. Key rotation helps mitigate the risk associated with long-term exposure of cryptographic keys and limits the potential impact of a compromised key.
upvoted 2 times
...
imather
1 year, 10 months ago
Selected Answer: A
Key rotation. The question is how to protect the data that has an exposed key. Obviously, zeriozation is non-applicable. Cryptographic obfuscation is also not applicable. The data is already encrypted i.e. cryptographically obfuscated. A key rotation would re-encrypt the data on the website with new keys, protecting it and preventing the use of the old keys. Repeat of 178 https://cpl.thalesgroup.com/blog/data-protection/encryption-key-rotation-data-security
upvoted 4 times
...
splink
2 years, 3 months ago
Selected Answer: A
I feel the answer is A here. Key Rotation allows you to actually revoke a key and use a new one. Key escrow simply holds the key/keys for you. This really doesn't help you with revoking a key, which needs to be done since your encryption is compromised, as the question illustrates.
upvoted 4 times
...
OneSaint
2 years, 4 months ago
Selected Answer: A
I'll go with A, Key Rotation is most effective in protecting data. Key Escrow in simple terms is if you loose an encryption key, the CA will give you a key to decrypt stuff.
upvoted 5 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel