CompTIA Security+ (SY0-501) — Question 703

When a malicious user is able to retrieve sensitive information from RAM, the programmer has failed to implement:

Answer options

• A. session keys.
• B. encryption of data at rest.
• C. encryption of data in use.
• D. ephemeral keys.

Correct answer: C

Explanation

The correct answer is C because encryption of data in use protects sensitive information while it is being processed in RAM. Options A and D relate to session and ephemeral keys, which are not directly about protecting data in memory. Option B refers to data at rest, which does not address RAM access.