Certificate of Cloud Security Knowledge (CCSK) — Question 150

How can key management be leveraged to prevent cloud providers from inappropriately accessing customer data?

Answer options

• A. Use strong multi-factor authentication
• B. Secure backup processes for key management systems
• C. Segregate keys from the provider hosting data
• D. Stipulate encryption in contract language
• E. Select cloud providers within the same country as customer

Correct answer: C

Explanation

The correct answer is C because segregating keys from the provider ensures that they do not have access to the encryption keys, thereby protecting customer data from unauthorized access. Options A, B, D, and E do not directly prevent the provider from accessing data, as they focus on authentication, backup security, contractual agreements, and geographic considerations instead of key segregation.