Some of the security controls that were selected during Phase 2 of RMF included data encryption. There was some confusion in the working group meeting this week regarding the need for multiple encryption solutions in the implementation and assessment phases (3&4). Consider the difference between data at rest (storage) encryption and data in transit (transmission) encryption. Describe a possible implementation solution for each of these cases and explain if it falls within the symmetric or asymmetric model. Provide an assessment of the strengths and weaknesses of the proposed solution options.
Get a comprehensive answer to this question