An enterprise with global sites processes and exchanges highly sensitive information that is protected under several countries' arms trafficking laws. There is new information that malicious nation-state-sponsored activities are targeting the use of encryption between the geographically disparate sites. The organization currently employs ECDSA and ECDH with P-384, SHA-384, and AES-256-GCM on VPNs between sites. Which of the following techniques would MOST likely improve the resilience of the enterprise to attack on cryptographic implementation?
A) Add a second-layer VPN from a different vendor between sites.
B) Upgrade the cipher suite to use an authenticated AES mode of operation.
C) Use a stronger elliptic curve cryptography algorithm.
D) Implement an IDS with sensors inside (clear-text) and outside (cipher-text) of each tunnel between sites.
E) Ensure cryptography modules are kept up to date from vendor supplying them.

Question

Quizplus · Accepted Answer

The Answer of An enterprise with global sites processes and exchanges highly sensitive information that is protected under several countries' arms trafficking laws. There is new information that malicious nation-state-sponsored activities are targeting the use of encryption between the geographically disparate sites. The organization currently employs ECDSA and ECDH with P-384, SHA-384, and AES-256-GCM on VPNs between sites. Which of the following techniques would MOST likely improve the resilience of the enterprise to attack on cryptographic implementation?
A) Add a second-layer VPN from a different vendor between sites.
B) Upgrade the cipher suite to use an authenticated AES mode of operation.
C) Use a stronger elliptic curve cryptography algorithm.
D) Implement an IDS with sensors inside (clear-text) and outside (cipher-text) of each tunnel between sites.
E) Ensure cryptography modules are kept up to date from vendor supplying them.

An Enterprise with Global Sites Processes and Exchanges Highly Sensitive