CISSP Exam - Question 238

Read the book CISSP All-in-One Study Guide and can refer to this URL https://www.soterosoft.com/blog/data-in-use-encryption-data-in-motion-encryption/ data-in-use - Encryption doesn’t protect data in use. Data-in-use meaning the data already view example displaying your bank account information at your screen. The data is encrypted at the source (Data-at-rest encryption), the data is encrypted via TLS or HTTPS when in motion. But when it reaches your computer or mobile devices, the data storing in your RAM, CPU registeres and display on your screen. All these are not encrypted, else how you read the data or information?? Data must decrypt before it is used. So for data-in-use, best approach is access control but that doesnt stop people from screen-shot and print it etc etc. So the obvious answer is B.

I would say it's C > "Encryption plays a major role in protecting data in use or in motion. Data should always be encrypted when it's traversing any external or internal networks. This includes encrypting all data prior to transport or using protected tunnels, such as HTTPS or SSL/TLS." https://www.techtarget.com/searchsecurity/feature/Best-practices-to-secure-data-at-rest-in-use-and-in-motion It's not A, when you lose data in use you can decrypt them. Imagin that you are connected over TLS to your bank and you close the browser, can you reopen that, no you have to login again with secure protocol (TLS).

it is C. Data-in-use must work always of course with secure protocols when the information is charged in the system. After that, the information can be decrypted or not (homomorphic encryption). As well, the information should be accessed from trusted system or "enclave"

The correct answer according to CISSP is: B. When the data is being viewed, it can only be printed by authorized users. Data-in-use controls are a type of security control that is designed to protect data when it is being accessed or used. These controls typically involve limiting the actions that can be performed on the data and enforcing access controls to ensure that only authorized users are able to view, modify, or print the data. This way, it ensures that only authorized users can print the data and not to anyone who has access to the data.

Encryption. Its A

Anyone can find a workaround to printing data they're not allowed to. HOW that data is accessed is the most important control.

Answer is B. The question about the controls process. So, the answer should be very defined like example "it can only be printed by authorized users." Notice the word "only"?

I go with B.

when I read option C "it can be accessed using secure protocols.", I thought about access remotely over TLS which will be a correct answer. But the question does not mention remote access to the data. So B should be the correct answer.

C. A protocol is a procedure, not necessarily referencing a method of encryption. Could be referencing a protocol for clean desk policy, or privacy screens.

Answer is B. Secure protocols don't protect against local access while access controls do. .

"data in use" is one of three states of data. In this question "data in use" should have been printed without dashes (not "data-in-use").

Why the answer is B? If someone take the mobile phone to take the photo, it can also be printed. It does not make sense.

B is the only data in use, others are data at rest and data in transit

correct answer is C .. A and D align more with data at rest., the protocols mentioned in C aligns with data in transit

Correct Answer is B. You dont use secure protocols to ' view ' ... but you do need proper AuthZ to view files. read words carefully.