Exam4Training

Which competitive advantage does the IBM TS115O solution provide?

A customer needs to exchange encrypted data cartridges with another company. A competitor offers a solution that encrypts the data with static keys loaded into the tape drives. IBM proposes IBM TS1150 tape drives using the built-in encryption feature.

Which competitive advantage does the IBM TS115O solution provide?
A . It stores keys in the drive that can then be exported to partners in a secure format.
B . It compresses the data before encrypting to achieve a better compression ratio.
C . It writes a unique encrypted data key on the cartridge using public/private key pairs.
D . It achieves better throughput by encrypting and compressing data at the same time

Answer: C

Explanation:

How the encryption key server processes encryption keys

In system-managed and library-managed tape encryption, unencrypted data (clear text) is sent to the tape

drive (TS1150 Tape Drive, TS1140 Tape Drive, TS1130 Tape Drive or TS1120 Tape Drive), and converted

to ciphertext using a symmetric 256-bit AES Data Key (DK) generated by the encryption key server. The

ciphertext is then written to tape. The encryption key server uses a single, unique Data Key for each

Enterprise Tape Cartridge. This Data Key is also encrypted, or wrapped, by the encryption key server

using the public key from an asymmetric Key Encrypting Key (KEK) pair. This process creates an

Externally Encrypted Data Key (EEDK). The EEDK is written to the cartridge memory and to three

additional places on the tape media in the cartridge. The tape cartridge now holds both the encrypted data

and the means to decrypt it for anyone holding the private part of the KEK pair.

The DK may also be wrapped a second time using the public key of another party to create an additional

EEDK. Both EEDKs can be stored on the tape cartridge. In this way, the tape cartridge can be shipped to

a business partner holding the corresponding private key. That private key would allow the DK to be

unwrapped and the tape decrypted by the business partner.

References:https://www.ibm.com/support/knowledgecenter/en/STFS69_3.3.0/ts7740_encryption_keys.ht

ml

Exit mobile version