CompTIA CASP+ (CAS-004) — Question 148
A security analyst sees that a hacker has discovered some keys and that the keys are being made available on a public website. The security analyst is then able to successfully decrypt that data using the keys from the website. Which of the following should the security analyst recommend to protect the affected data?
Answer options
- A. Key rotation
- B. Key escrow
- C. Zeroization
- D. Cryptographic obfuscation
Correct answer: A
Explanation
Key rotation is the best recommendation because it involves changing the keys regularly to prevent unauthorized access to encrypted data. Key escrow and zeroization do not address the immediate need to replace the compromised keys, and cryptographic obfuscation does not provide true security against decryption.