Which of the following terms refers to the delivery of encryption keys to a CASB or a third-party entity?
Which of the following terms refers to the delivery of encryption keys to a CASB or a third-party entity?
Key distribution involves the process of securely delivering cryptographic keys to their intended recipients, such as a CASB or third-party entity. This ensures that the recipients can access the keys for encryption and decryption purposes. The term focuses on the act of delivering the keys rather than storing or recovering them.
The term is actually key distribution key word distribution = delivery. Key Escrow is the process to store the key. Totally use key Escrow with CASB and third party but the deliver system is Key Distribution. In short escrow is method of storing and distribution is method of delivery. https://csrc.nist.gov/glossary/term/key_distribution https://jumpcloud.com/blog/key-escrow
NIST SP 800-152, Key Distribution - A manual or automated key-establishment procedure whereby one entity (the sender) selects and distributes the key to another entity (the receiver). CNSSI 4009-2015, Key Escrow - the retention of the private component of the key pair associated with a subscriber’s encryption certificate to support key recovery. Question asks about the delivery, not the retention; so key distribution
I'll Take CASB for $500 Alex. "This verb is the process of getting keys sent to the CASB for storage" "What is Distribution?" " That is correct. (CASB is a key escrow provider but sending it there is distributing a key) Source: Verifying each answer against Chat GPT, my experience, other test banks, a written book, and weighing in the discussion from all users to create a 100% accurate guide for myself before I take the exam. (It isn't easy because of the time needed, but it is doing my diligence)
D. Key escrow Key escrow refers to the process of storing a copy of an encryption key with a trusted third party. This key can be retrieved and used in case the original key is lost or otherwise inaccessible, or when lawfully authorized access is needed. It's important to note that this should be done carefully, as it does present additional risks if the third party is compromised.
Everyone is focused on the word “distribution” in the question. The key word is “third-party”. The answer is D.
It is B. Because of the distribution. Key Escrow is about storage of keys.
Key Escrow: storing keys with a third party for recovery purposes Key Distribution: secure delivery of keys to a CASB or third-party entity for immediate use.
CASBs do not perform key escrow. Yes, third-party entities do, and yes, that phrase was in the question. The answer is still B. CASB will you the key shared via key distribution to perform all sorts of tasks such as policy enforcement. It uses the keys to scan traffic and look for anomalies in patterns. Third-party entities would use keys distributed to them for things like secure data backups and recovery, secure file sharing, compliance auditing, etc... Just CompTIA using buzz words trying to throw everyone off their game.
DELIVERY of keys is Key Distribution
When you escrow a key you store it with a third party for recovery purposes. Key distribution is when keys are exchanged for public key encryption. Answer is D
It is Key Escrow, too many people are getting hung on the word "deliver". A 3rd party key broker is an escrow.
Key word delivery!
A "Key Escrow" is used in cases where a third-party needs access to encrypted data, as defined by law (so if you get a court order to decrypt data)Key distribution is, well, the process of distributing (cryptographic) keys to different parties. Usually this involves mechanisms which are considered "out-of-band", i.e. mechanisms that don't use the later communication channel for the transport of keys. Alternatively key distribution can be done by relying the distribution of new keys upon the safe distribution of old keys
Answer is : "Key Escrow"
The term that refers to the delivery of encryption keys to a CASB (Cloud Access Security Broker) or a third-party entity is: B. Key distribution Explanation: Key Sharing: Involves sharing encryption keys between authorized parties for collaborative purposes. Key Distribution: Involves the delivery of encryption keys to the intended recipients or entities. Key distribution ensures that the entities involved in secure communication have access to the appropriate keys to encrypt and decrypt the data. Key Recovery: Refers to the process of regaining access to encrypted data when a user forgets their password or loses access to their key. Key Escrow: Involves the storage of encryption keys by a trusted third party. This third party can release the keys under specific conditions, such as legal requirements.
CHATGPT If the question is specifically asking about the delivery of encryption keys to a CASB or third-party entity, then the correct answer would be A) Key sharing or B) Key distribution. Key sharing refers to the process of securely distributing cryptographic keys to multiple parties who need access to them, while key distribution is the process of securely delivering cryptographic keys to their intended recipients. Key escrow, on the other hand, involves the storage of encryption keys with a third-party entity, but it is typically used for backup and recovery purposes rather than for the immediate distribution of keys.
agree that the keyword here is "delivery" or distribution. so the answer is key distribution.
D, correct
B would be. It's talking about delivering