Which strategy best protects backup data both in transit and at rest?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the Network Operations Management Test with multiple choice questions, each with explanations. Assess your knowledge on protocols, backup strategies, and operational management. Enhance your readiness for the exam!

Multiple Choice

Which strategy best protects backup data both in transit and at rest?

Explanation:
Protecting backup data requires encryption for both states—in transit and at rest—paired with strong key management and strict access controls. Encrypting backups as they move over networks prevents interception from exposing sensitive information, while encryption at rest guards data if storage media are lost or accessed by unauthorized parties. Using strong ciphers and authenticated encryption protects confidentiality and integrity, and storing keys with a dedicated KMS or HSM ensures keys are protected, access is auditable, and operations like rotation and revocation are enforceable. Regular key rotation limits the impact if a key becomes compromised, and strict access controls ensure only authorized users or services can perform backup or restore actions. Securing transfer channels with TLS or SFTP protects data during transit from eavesdropping and tampering. Relying on physical security alone leaves backups exposed if media are stolen. Encrypting with weak ciphers can be cracked, so strong algorithms and proper configurations are essential. A standard file password on backups is vulnerable to brute-force attacks and lacks centralized, auditable key management and modern transport security.

Protecting backup data requires encryption for both states—in transit and at rest—paired with strong key management and strict access controls. Encrypting backups as they move over networks prevents interception from exposing sensitive information, while encryption at rest guards data if storage media are lost or accessed by unauthorized parties. Using strong ciphers and authenticated encryption protects confidentiality and integrity, and storing keys with a dedicated KMS or HSM ensures keys are protected, access is auditable, and operations like rotation and revocation are enforceable. Regular key rotation limits the impact if a key becomes compromised, and strict access controls ensure only authorized users or services can perform backup or restore actions. Securing transfer channels with TLS or SFTP protects data during transit from eavesdropping and tampering.

Relying on physical security alone leaves backups exposed if media are stolen. Encrypting with weak ciphers can be cracked, so strong algorithms and proper configurations are essential. A standard file password on backups is vulnerable to brute-force attacks and lacks centralized, auditable key management and modern transport security.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy