Exam CAS-004 topic 1 question 9 discussion

The term is actually key distribution key word distribution = delivery. Key Escrow is the process to store the key. Totally use key Escrow with CASB and third party but the deliver system is Key Distribution. In short escrow is method of storing and distribution is method of delivery. https://csrc.nist.gov/glossary/term/key_distribution https://jumpcloud.com/blog/key-escrow

I'll Take CASB for $500 Alex. "This verb is the process of getting keys sent to the CASB for storage" "What is Distribution?" " That is correct. (CASB is a key escrow provider but sending it there is distributing a key) Source: Verifying each answer against Chat GPT, my experience, other test banks, a written book, and weighing in the discussion from all users to create a 100% accurate guide for myself before I take the exam. (It isn't easy because of the time needed, but it is doing my diligence)

CORRECT ANSWER: D. Key escrow refers to the process of storing encryption keys with a third-party entity, such as a Cloud Access Security Broker (CASB) or a trusted organization. This allows for the recovery of encrypted data if the original encryption keys are lost or if access needs to be granted for legal or operational purposes. Why Not the Other Options? A. Key Sharing: Key sharing refers to the process of multiple users having access to the same encryption key, which is not the same as escrow. B. Key Distribution: This refers to sending encryption keys securely to authorized parties for encryption and decryption but does not involve third-party storage. C. Key Recovery: This is the process of retrieving lost encryption keys, but it doesn’t necessarily involve a third-party entity like a CASB.

Key distribution refers to the process of distributing encryption keys to authorized users or systems. CASB or Third party entity are not authorized users or systems. They hold the keys and only release them when certain things are met according to the agree. A breach of contract, a software company goes out of business are some examples. The answer is Key Escrow.

The question state just the distribution of the keys.

According to ChatGPT, the answer is D. Key escrow

Answer selected is: B. Key distribution. The key word is: "delivery."

CASBs do not perform key escrow. Yes, third-party entities do, and yes, that phrase was in the question. The answer is still B. CASB will you the key shared via key distribution to perform all sorts of tasks such as policy enforcement. It uses the keys to scan traffic and look for anomalies in patterns. Third-party entities would use keys distributed to them for things like secure data backups and recovery, secure file sharing, compliance auditing, etc... Just CompTIA using buzz words trying to throw everyone off their game.

The term that refers to the delivery of encryption keys to a CASB (Cloud Access Security Broker) or a third-party entity is: B. Key distribution Explanation: Key Sharing: Involves sharing encryption keys between authorized parties for collaborative purposes. Key Distribution: Involves the delivery of encryption keys to the intended recipients or entities. Key distribution ensures that the entities involved in secure communication have access to the appropriate keys to encrypt and decrypt the data. Key Recovery: Refers to the process of regaining access to encrypted data when a user forgets their password or loses access to their key. Key Escrow: Involves the storage of encryption keys by a trusted third party. This third party can release the keys under specific conditions, such as legal requirements.

Key Escrow: storing keys with a third party for recovery purposes Key Distribution: secure delivery of keys to a CASB or third-party entity for immediate use.

Has to be B

I asked ChatGPT 4o the question without even supplying it the answer bank, and it spit out "Key Escrow".

A "Key Escrow" is used in cases where a third-party needs access to encrypted data, as defined by law (so if you get a court order to decrypt data)Key distribution is, well, the process of distributing (cryptographic) keys to different parties. Usually this involves mechanisms which are considered "out-of-band", i.e. mechanisms that don't use the later communication channel for the transport of keys. Alternatively key distribution can be done by relying the distribution of new keys upon the safe distribution of old keys

NIST SP 800-152, Key Distribution - A manual or automated key-establishment procedure whereby one entity (the sender) selects and distributes the key to another entity (the receiver). CNSSI 4009-2015, Key Escrow - the retention of the private component of the key pair associated with a subscriber’s encryption certificate to support key recovery. Question asks about the delivery, not the retention; so key distribution

D. Key escrow Key escrow refers to the process of storing a copy of an encryption key with a trusted third party. This key can be retrieved and used in case the original key is lost or otherwise inaccessible, or when lawfully authorized access is needed. It's important to note that this should be done carefully, as it does present additional risks if the third party is compromised.

Everyone is focused on the word “distribution” in the question. The key word is “third-party”. The answer is D.

CHATGPT If the question is specifically asking about the delivery of encryption keys to a CASB or third-party entity, then the correct answer would be A) Key sharing or B) Key distribution. Key sharing refers to the process of securely distributing cryptographic keys to multiple parties who need access to them, while key distribution is the process of securely delivering cryptographic keys to their intended recipients. Key escrow, on the other hand, involves the storage of encryption keys with a third-party entity, but it is typically used for backup and recovery purposes rather than for the immediate distribution of keys.