CompTIA CASP+ (CAS-004) — Question 495
An organization is deploying a container-based application that requires persistence of sensitive information on the filesystem. The filesystem will be deployed into a cloud environment. The information that will persist will include PII. Which of the following solutions would be best to ensure confidentiality of information at rest?
Answer options
- A. Triple DES
- B. AES-GCM
- C. RSA
- D. TLS
- E. RIPEMD
Correct answer: B
Explanation
AES-GCM is the best choice for ensuring the confidentiality of data at rest due to its strong encryption capabilities and built-in authentication features. Triple DES, while secure, is outdated and not as efficient as AES. RSA is primarily used for encryption and digital signatures rather than for encrypting data at rest, and TLS is used for secure communication rather than data storage. RIPEMD is a hashing algorithm, not suitable for encryption.