Certified Internal Auditor (CIA) Part 3: Business Knowledge for Internal Auditing — Question 99

Which of the following storage options would give the organization the best chance of recovering data?

Answer options

• A. Encrypted physical copies of the data and their encryption keys are stored together at the organization and are readily available upon request
• B. Encrypted physical copies of the data are stored separately from their encryption keys: and both are held in secure locations a few hours away from the organization
• C. Encrypted reports on usage and database structure changes are stored on a cloud-based secured database that is readily accessible
• D. Encrypted copies of the data are stored in a separate secure location a few hours away while the encryption keys are stored at the organization and are readily available

Correct answer: B

Explanation

Option B is the best choice as it ensures that both the data and the encryption keys are stored securely and separately, minimizing the risk of loss in case of a disaster. The other options either store the keys and data together, which increases vulnerability, or do not provide the same level of physical separation and security as option B.