ISC2 CISSP Practice Question

The correct answer is Power Analysis. Power analysis is a specific type of side-channel attack that monitors the power consumption of a device during cryptographic operations. By analyzing the variations in power consumption patterns, attackers can potentially extract sensitive information such as cryptographic keys.

Differential Power Analysis (DPA) and Simple Power Analysis (SPA) are common techniques where attackers measure power consumption during cryptographic operations to deduce secret information. The observed correlation between electrical usage and operations being performed is a classic indicator of vulnerability to power analysis attacks.

Fault injection involves deliberately introducing errors into a Hardware Security Module (HSM) to cause it to behave incorrectly and potentially reveal cryptographic secrets, but does not focus on monitoring energy consumption. Timing attacks exploit the time taken to perform cryptographic operations rather than power consumption. Electromagnetic analysis focuses on radiation emissions rather than direct power consumption patterns.