Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
This is a poorly formulated question but i believe the answer could still be D
In an ideal scenario, "One key per data owner" would be a recommended practice for maintaining the highest level of security in a multi-tenant environment. However, the original question was about how encryption is managed on multi-tenant storage, without specifying it to the best or recommended practice. That's why the answer can still be "The answer could be A, B, or C depending on the provider," because in reality, encryption management can vary widely across different providers. It's always important for customers to inquire about a provider's security practices to ensure they are suitable for their specific needs, and to ideally look for a provider that uses the most secure practices, such as one key per data owner.
This is another poorly written question. If the authors of the CCSK exam want the question to be aligned with security, it should read: How should encryption be managed on multi-tenant storage? To @Brainiac's point, I've seen CSP that either facilitate 1 key per customer or do not support unique keys at all. The Security Guidance even states it is recommended to use per-customer keys when possible...when possible being the key phrase here.
According Security-Guidance-v4.0, Pg 125 : "It is recommended to use percustomer keys when possible, in order to better enforce multitenancy isolation." Answer must be B
No answer here is correct - The right answer should be "B or C" but without the relations to regualtions. A is not meeting cloud security basics and cannot be part of an answer
B is the correct answer. For multi-tenant storage, it is recommended to use per-customer keys when possible, in order to better enforce multitenancy isolation. Ref: Security-Guidance-v4.0, Pg 125.
The management of encryption on multi-tenant storage can vary depending on the provider and their specific implementation. However, the most common approach is:
D. The answer could be A, B, or C depending on the provider.
Different cloud service providers may employ different encryption strategies for multi-tenant storage. The management of encryption keys can vary from using a single key for all data owners (option A) to assigning one key per data owner (option B) or even allowing multiple keys per data owner (option C). The chosen approach depends on the provider's security architecture, data isolation mechanisms, and the level of encryption granularity required by their customers.
It's important to note that cloud service providers often offer encryption-related features and options, allowing customers to select their desired level of encryption and key management. Therefore, the specific encryption management strategy employed on multi-tenant storage can vary and should be determined based on the capabilities and offerings of the individual provider.
I can't find it in the reference but I think this should be C. The major cloud providers I know allow you to at least do two: a) multiple cloud-provider managed encryption keys b) customer-managed keys
upvoted 3 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
ChewyBananas
6 days, 11 hours ago_jpsrob_
3 months, 1 week agoMrN0body
9 months, 3 weeks agobyfener
11 months agonegevon
11 months agosaptati
11 months, 2 weeks agoBrainiac
1 year, 1 month agomoten
1 year, 1 month agoFATWENTYSIX
1 year, 2 months agomoota
1 year, 3 months ago