What is data encryption at rest vs in transit? Provide examples

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $25.99Unlock all

Enhance your cyber defense skills with the Security Blue Team Level 1 Test. Prepare with flashcards, multiple choice questions, and detailed explanations to ace your exam!

Multiple Choice

What is data encryption at rest vs in transit? Provide examples

Explanation:
Encryption serves two different protections: data at rest and data in transit. Data at rest encryption keeps stored information unreadable on disks, databases, backups, or devices, so if someone gains access to the storage they can’t read the data without the key. Examples include full-disk encryption (BitLocker, FileVault), database or table-level encryption, and encrypted backups or cloud storage (AES-256, envelope encryption). Data in transit encryption protects information as it moves across networks, preventing eavesdropping or tampering. Examples are TLS/HTTPS for websites and APIs, STARTTLS for email, SSH for remote administration, and VPNs (IPsec or TLS-based) for secure network connections. The best description is that stored data is protected when at rest, while data moving over networks is protected in transit. The other options mix up these concepts or limit encryption to the cloud, which isn’t accurate.

Encryption serves two different protections: data at rest and data in transit. Data at rest encryption keeps stored information unreadable on disks, databases, backups, or devices, so if someone gains access to the storage they can’t read the data without the key. Examples include full-disk encryption (BitLocker, FileVault), database or table-level encryption, and encrypted backups or cloud storage (AES-256, envelope encryption).

Data in transit encryption protects information as it moves across networks, preventing eavesdropping or tampering. Examples are TLS/HTTPS for websites and APIs, STARTTLS for email, SSH for remote administration, and VPNs (IPsec or TLS-based) for secure network connections.

The best description is that stored data is protected when at rest, while data moving over networks is protected in transit. The other options mix up these concepts or limit encryption to the cloud, which isn’t accurate.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy