A cloud developer chooses to use private key encryption for all traffic in a new application. Which of the following security concerns does this BEST describe?
Correct Answer: B
Private key encryption, also known as symmetric key encryption, is a method of encrypting data using a single secret key that is shared by both the sender and the receiver of the message1. Private key encryption ensures that only the authorized parties who have the same key can access the encrypted data, while preventing unauthorized parties from reading or modifying it. Therefore, private key encryption is mainly used to protect the confidentiality of data, which is the security concern that deals with preventing unauthorized disclosure of information2.
Confidentiality is one of the three main goals of information security, along with integrity and availability. Integrity refers to the security concern that deals with preventing unauthorized modification or corruption of information. Availability refers to the security concern that deals with ensuring timely and reliable access to information2. Authorization, on the other hand, is not a security concern, but a security mechanism that deals with granting or denying access rights to information based on predefined policies and rules3.
A cloud developer chooses to use private key encryption for all traffic in a new application. This best describes the security concern of confidentiality, as the developer wants to ensure that only the intended recipients can access the encrypted data, while keeping it secret from anyone else. Reference: 1: https://www.comptia.org/training/books/cloud-essentials-clo-002-study-guide, Chapter 8, page 274-275 2: https://www.comptia.org/training/books/cloud-essentials-clo-002-study-guide, Chapter 8, page 263-264 3: https://www.comptia.org/training/books/cloud-essentials-clo-002-study-guide, Chapter 8, page 268-269