CompTIA Security Plus Mock Test Q1110

Which of the following devices is BEST suited for servers that need to store private keys?

A. Hardware security module
B. Hardened network firewall
C. Solid state disk drive
D. Hardened host firewall


Correct Answer: A
Section: Cryptography

Explanation:
A hardware security module (HSM) is a physical computing device that safeguards and manages digital keys for strong authentication and provides cryptoprocessing.
By adding a HSM to the server and storing the private keys on HSM, the security of the keys would be improved.

Incorrect Answers:
B: A firewall protects from threats in the incoming traffic. A firewall would not be of much help in securing keys stored on a server.
C: A solid state drive does not provide any extra security, it is just faster than most regular hard drives.
D: A firewall protects from threats in the incoming traffic. A firewall would not be of much help in securing keys stored on a server.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 96-97, 222, 238, 290, 386