ExamTopics Logo
Mail Us[email protected]
Menu
Isc Discussions
exam questions

Exam CCSP All Questions

View all questions & answers for the CCSP exam
Go to Exam

Exam CCSP topic 1 question 308 discussion

Actual exam question from ISC's CCSP
Question #: 308
Topic #: 1
[All CCSP Questions]

Key maintenance and security are paramount within a cloud environment due to the widespread use of encryption for both data and transmissions.
Which of the following key-management systems would provide the most robust control over and ownership of the key-management processes for the cloud customer?

  • A. Remote key management service
  • B. Local key management service
  • C. Client key management service
  • D. Internal key management service
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
A remote key management system resides away from the cloud environment and is owned and controlled by the cloud customer. With the use of a remote service, the cloud customer can avoid being locked into a proprietary system from the cloud provider, but also must ensure that service is compatible with the services offered by the cloud provider. A local key management system resides on the actual servers using the keys, which does not provide optimal security or control over them. Both the terms internal key management service and client key management service are provided as distractors.
by carls233 at Oct. 10, 2021, 12:48 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Pegasus_orb
Highly Voted 3 years, 1 month ago
This is not entirely clear to me. Just because it says " Remote key management service", does it mean that it's owned and controlled by the customer?
upvoted 5 times
...
micky_mouse
Most Recent 2 months, 2 weeks ago
Selected Answer: C
C. Client key management service is correct
upvoted 1 times
...
Sivath
3 months ago
Selected Answer: C
A Client Key Management Service is ideal for customers requiring full control over their encryption keys, ensuring that the cloud provider cannot access the keys or the data encrypted with them. This approach provides maximum ownership, aligns with stringent compliance needs, and enhances data security in the cloud.
upvoted 1 times
...
sweetykaur
4 months ago
For robust control and ownership over the key-management processes, the best choice would be a Client key management service (C). This allows the cloud customer to generate, maintain, and manage their own keys, providing the most autonomy and security assurance.
upvoted 2 times
...
TraceSplice
11 months, 1 week ago
Selected Answer: C
The correct answer is D - Client-Side Key Management: Similarly to the remote KMS approach, the client-side approach looks to put the customer or cloud user in complete control of the encryption and decryption keys. The main difference here is that most of the processing and control is done on the customer side.
upvoted 1 times
...
escaprix
1 year, 8 months ago
Selected Answer: D
nternal key management service refers to a key-management system that is managed and controlled directly by the cloud customer within their own infrastructure or environment. With an internal key management service, the cloud customer has complete control over the key-management processes, including key generation, distribution, rotation, and revocation
upvoted 2 times
...
Pika26
1 year, 9 months ago
Selected Answer: B
B: Local key management service
upvoted 1 times
...
akg001
2 years, 9 months ago
Selected Answer: A
A. Remote key management service
upvoted 1 times
...
carls233
3 years, 4 months ago
What about availability?
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago