Which option is a data-at-rest protection measure?

Prepare for the MIPC Exam 2 with our comprehensive study material. Engage with flashcards and multiple choice questions, each accompanied by hints and explanations. Ensure you're ready to excel!

Multiple Choice

Which option is a data-at-rest protection measure?

Explanation:
Protecting data at rest means keeping stored information secure even if the storage medium is compromised. The strongest approach is to encrypt the data with a robust algorithm and manage the encryption keys securely. AES-256 is a widely trusted symmetric encryption standard, and when you pair it with proper key management—secure key generation and storage, strict access controls, regular rotation, and separation of duties—you ensure that the stored data remains unreadable to anyone who gains access to the storage itself. The other options describe protections for data in transit—data moving between systems. Encrypting in transit, pinning TLS certificates, and performing certificate revocation checks all help protect data as it travels over a network, not after it’s stored. So the option that correctly targets data at rest is the AES-256 encryption with proper key management.

Protecting data at rest means keeping stored information secure even if the storage medium is compromised. The strongest approach is to encrypt the data with a robust algorithm and manage the encryption keys securely. AES-256 is a widely trusted symmetric encryption standard, and when you pair it with proper key management—secure key generation and storage, strict access controls, regular rotation, and separation of duties—you ensure that the stored data remains unreadable to anyone who gains access to the storage itself.

The other options describe protections for data in transit—data moving between systems. Encrypting in transit, pinning TLS certificates, and performing certificate revocation checks all help protect data as it travels over a network, not after it’s stored. So the option that correctly targets data at rest is the AES-256 encryption with proper key management.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy