Data at rest (D). Digital signatures are commonly used as a security protection mechanism for data at rest to verify the integrity and authenticity of the stored data.
Thew question asks
Which data state would be most likely to use digital signatures as a security protection mechanism?
The term 'use as security protection"
Digital signatures are deployed against transmitted data, These signatures provide for an integrity check value when the signature is verified which is when the data is used or accessed. The digital signature does not really protect anything but rather alert the recipient to tampering. Signatures can are applied with or without encryption. The checking of the signature is not performed during transit. The signature is checked by the recipient when the data is checked. The digital signature is used when data is used.
Digital signatures are most likely to be used as a security protection mechanism for data that is in a "transmitted" state. This is because digital signatures provide a way to ensure the integrity and authenticity of data during transmission, which is particularly important when data is being sent over an insecure network such as the internet.
Digital signatures work by using cryptography to create a unique "signature" of the data that can be verified by the recipient to ensure that the data has not been tampered with or altered during transmission. This helps to prevent unauthorized access, interception, or modification of the data while it is in transit.
In contrast, digital signatures may not be as necessary for data that is in a "stored" state, such as data that is saved on a secure server or database. In this case, other security mechanisms such as access controls, encryption, and backups may be more important for protecting the data.
Answer B.
Data in use controls, IRM/DRM, access control. while data is being used its decrypted.
TLS, VPN, SSH are controls in Data in transit phase. part of TLS is to also Authenticate parties using digital cert before secure channel can establish.
refer CBK 3rd edition page 45.
However, pg 178 of the CBK "Data in use: This requires access control with granularity that is relevant for the
data at risk. APIs should be protected through the use of digital signatures and
encryption where necessary, and access rights should be restricted to the roles of
the consumer."
Digital Signatures are used as the foundational technologies for certificates which are the core technology underpinning TLS.
upvoted 3 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
babusartop17
Highly Voted 3 years, 5 months agoxaccan
3 years, 3 months agorkumar16d
Most Recent 3 weeks, 4 days agorkumar16d
4 weeks agosweetykaur
1 month, 1 week agostack120566
9 months agonelombg
1 year, 5 months agoPika26
1 year, 6 months agoikamalbhatt
1 year, 6 months agoDaddyPan
2 years, 4 months agoakg001
2 years, 6 months ago[Removed]
2 years, 10 months agoAWSPro24
2 years, 10 months agoAWSPro24
2 years, 10 months ago