ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 712-50 All Questions

View all questions & answers for the 712-50 exam
Go to Exam

Exam 712-50 topic 1 question 387 discussion

Actual exam question from ECCouncil's 712-50
Question #: 387
Topic #: 1
[All 712-50 Questions]

As the CISO, you have been tasked with the execution of the company's key management program. You MUST ensure the integrity of encryption keys at the point of generation. Which principal of encryption key control will ensure no single individual can constitute or re-constitute a key?

  • A. Dual Control
  • B. Separation of Duties
  • C. Split Knowledge
  • D. Least Privilege
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by e_karma at Feb. 18, 2021, 3:55 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
johndoe69
1 year ago
Selected Answer: C
Reference: NIST Special Publication 800-57 Part 1 Rev. 5: Recommendation for Key Management – Part 1: General "Split knowledge is a condition under which two or more parties separately have key components that individually convey no knowledge of the resultant cryptographic key. Only when combined can the key be reconstituted."
upvoted 1 times
...
7926e67
1 year, 5 months ago
Selected Answer: C
When we look at the definition of split knowledge and dual control, dual control means that it takes more than one individual to create this key rotation ceremony. When we look at split knowledge, it says that when we create the key, no one individual has any knowledge of the resulting key.
upvoted 1 times
...
skaf
1 year, 10 months ago
Selected Answer: C
Generation point here is key
upvoted 1 times
...
Louisp45
2 years, 2 months ago
Selected Answer: C
Split Knowledge applies to the manual generation of encryption key
upvoted 1 times
...
Pika26
2 years, 4 months ago
Answer is C: Split Knowledge
upvoted 2 times
...
ironman_86
2 years, 5 months ago
A or C?
upvoted 1 times
...
Rufus1
3 years, 9 months ago
Dual Control means that no one person should be able to manage your encryption keys. Creating, distributing, and defining access controls should require at least two individuals working together to accomplish the task. ---- Split Knowledge applies to the manual generation of encryption keys, or at any point where encryption keys are available in the clear. More than one person should be required to constitute or re-constitute a key in this situation. Seems A the right answer
upvoted 2 times
...
e_karma
4 years, 5 months ago
The answer is "C". The person given reference should have read this own reference doocument. It clearly says that Split Knowledge is needed to constitute and re constitute keys
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel