Register
An enterprise with global sites processes and exchanges highly sensitive information that is protected under several countries' arms trafficking laws. There is new information that malicious nation-state-sponsored
171k views
4 votes
An enterprise with global sites processes and exchanges highly sensitive information that is protected under several countries' arms trafficking laws. There is new information that malicious nation-state-sponsored activities are targeting the use of encryption between the geographically disparate sites. The organization currently employs ECDSA and ECDH with P-384, SHA-384, and AES-256-GCM on VPNs between sites.

Which of the following techniques would MOST likely improve the resilience of the enterprise to attack on cryptographic implementation?

A. Add a second-layer VPN from a different vendor between sites.
B. Upgrade the cipher suite to use an authenticated AES mode of operation.
C. Use a stronger elliptic curve cryptography algorithm.
D. Implement an IDS with sensors inside (clear-text) and outside (cipher-text) of each tunnel between sites.
E. Ensure cryptography modules are kept up to date from vendor supplying them.

User John Nguyen
by
8.3k points

1 Answer

1 vote

Final answer:

Upgrading the cipher suite to use an authenticated AES mode of operation would most likely improve the enterprise's resilience to attacks on cryptographic implementation.

Step-by-step explanation:

The technique that would MOST likely improve the resilience of the enterprise to attack on cryptographic implementation is to Upgrade the cipher suite to use an authenticated AES mode of operation. Upgrading the cipher suite to use an authenticated AES mode of operation provides stronger security by adding an authentication mechanism to the encryption process, ensuring the integrity and authenticity of the encrypted data. This would help prevent malicious nation-state-sponsored activities from successfully targeting the use of encryption between the sites.



The other options, such as adding a second-layer VPN, using a stronger elliptic curve cryptography algorithm, implementing an IDS with sensors, or keeping cryptography modules up to date, may provide some additional security measures, but upgrading the cipher suite to use an authenticated AES mode of operation would have the most significant impact on improving the resilience of the enterprise to attack on cryptographic implementation.

User Julien Vaslet
by
8.3k points
Ask a Question
Welcome to QAmmunity.org, where you can ask questions and receive answers from other members of our community.

9.5m questions

12.2m answers

Other Questions

“What does it mean when we “rework” copyrighted material?”
The book shows how to add and subtract binary and decimal numbers. However, other numbering systems are also very popular when dealing with computers. The octal (base 8) numbering system is one of these.
Seven basic internal components found in a computer tower
Please help me ! All you do is just put it it all in your own words ! Please this is for my reported card!i don't know how to put it in my own words because my English is not that good!
Disadvantages of using animation in advertising? advantages and disadvantages of using animation for education? advantages and disadvantages of using animation in entertainment?
Link Copied!