Cryptography Practice Question by Wentz Wu, ISSAP, ISSEP, ISSMP CISSP, CCSP, CSSLP, CGRC, SSCP, CC, CISM, CISA, CRISC, CGEIT, PMP, ACP, PBA, RMP, CEH, ECSAWentz Wu

TheKerchoffPrinciple

You are a development team member of the Scrum team developing an application that handles the most sensitive data for the research and development department in your company. You are considering the protection of the application configurations in storage to follow the security by design principle. After some research, you are aware that some protection mechanisms are broken and insecure. e.g. WEP and DES. How should you do to protect your application configurations in storage?

A. Task a development team member to develop the application code utilizing a standard cipher that is openly reviewed and certified.
B. Task the most senior engineer to develop a symmetric cipher and classify it as the most sensitive asset.
C. Task the most senior engineer to develop an asymmetric cipher and classify it as the most sensitive asset.
D. Hire an implementation subject matter expert with the Ph.D. degree to develop an asymmetric cipher and classify it as the most sensitive asset.

Wentz Wu

ISSAP, ISSEP, ISSMP CISSP, CCSP, CSSLP, CGRC, SSCP, CC, CISM, CISA, CRISC, CGEIT, PMP, ACP, PBA, RMP, CEH, ECSA

Cryptography Practice Question

Like this:

Related

Leave a ReplyCancel reply

Share this:

Like this:

Related

Leave a ReplyCancel reply

Discover more from Wentz Wu