Why Not the Others?
A. Confidentiality → External KMS solutions are typically designed to be highly secure, and proper key management practices can maintain confidentiality.
B. Portability → Moving key management between providers is difficult, but it is not the biggest concern compared to availability.
D. Integrity → The integrity of cryptographic keys is usually ensured by secure key management practices, regardless of location.
The biggest concern with hosting a Key Management System (KMS) outside of the cloud environment is availability. If the external KMS becomes unreachable, cloud-based applications and services that depend on those keys for encryption and authentication could fail to function, resulting in downtime or loss of access to critical data.
🔹 Why Availability is the Primary Concern:
If the KMS is unavailable, encrypted data cannot be accessed or decrypted.
Network dependencies between cloud services and an external KMS introduce risks of latency or outages.
Cloud services require constant access to encryption keys for ongoing operations.
Should be A. Availability is a concern, but not the primary concern. The answer is confidentiality because external management introduces risk related to unauthorized access and exposure of sensitive keys.
A is a key concern for both external/on-prem hosting and in-cloud hosting.
But C is the unique (additional) biggest concern that comes with an externally hosted key-management.
When a key management system is outside of the cloud environment hosting the application, availability is a primary concern because any access issues with the encryption keys will render the entire application unusable.
The biggest concern with hosting a key management system outside of the cloud environment is likely confidentiality. A key management system is a type of security system that is used to securely store and manage keys, which are used to encrypt and decrypt data. If the key management system is hosted outside of the cloud environment, it may be more vulnerable to unauthorized access, which could compromise the confidentiality of the keys and the data they protect. This could also affect the integrity and availability of the data, but confidentiality is likely the most significant concern in this situation.
My first thought was that it should be Confidentiality, but then I thought that I could be hosting the key management on-premises, and then that would not be the problem. I think that the correct answer is C, Availability.
Outside the cloud env could be on-premises, and that does not imply loss of confidentiality, whereas availability of the key is always a question when needed for any operation.
Risk to key confidentiality could lead to data breach, while risk to key availability leads to data loss. The question here is of the biggest concern and C should be correct.