ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question
While designing a payment terminal that keeps cryptographic session keys in external DDR memory, you learn attackers might gain brief physical access and attempt a cold-boot or bus-sniffing attack to extract those keys. Which memory-level control would best preserve the confidentiality of the keys under this threat?
Insert stack canaries to detect and halt execution on buffer-overflow attempts affecting the call stack.
Enable on-the-fly memory encryption so that all reads and writes to external DRAM are automatically AES-encrypted with a key stored inside a secure element.
Increase DRAM wait-state cycles to reduce timing side channels during memory accesses.
Use error-correcting code (ECC) DRAM to detect and correct single-bit memory faults.
Cold-boot and direct memory-bus probing attacks exploit the fact that data stored in external DRAM is kept in clear text. A secure architecture can mitigate this by encrypting every memory transaction as it leaves the processor. When on-the-fly memory encryption is driven by a hardware cryptographic engine whose key is held in a secure element or one-time-programmable fuse, any data captured from the memory device is ciphertext and useless to an attacker.
Stack canaries detect stack overflows but do not stop physical readout of RAM contents. Adjusting wait-state timing is a performance and compatibility setting, not a confidentiality control. ECC protects against bit flips, offering integrity and availability benefits, but leaves data readable. Therefore, enabling hardware on-the-fly memory encryption with a securely stored key is the most effective option for safeguarding sensitive data in external memory from physical extraction.
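As an added illustration (not part of the original question or its explanation), this Go model of a memory controller shows the effect described above: every line is AES-encrypted on its way to external DRAM, so a captured dump holds only ciphertext while the processor still reads back the plaintext. The XEX-style address tweak, the 16-byte line size, and all type names, keys and secrets are assumptions constructed for the example; the page itself specifies only AES with a key held in a secure element.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

// EncryptedDRAM: Cells is external DRAM (what a dump or bus probe captures); the ciphers stay on-chip.
type EncryptedDRAM struct {
	data, tweak cipher.Block
	Cells       []byte
}

// NewEncryptedDRAM splits a 32-byte key (assumed to come from the secure element) into data and tweak keys.
func NewEncryptedDRAM(key []byte, lines int) *EncryptedDRAM {
	d, _ := aes.NewCipher(key[:16])
	t, _ := aes.NewCipher(key[16:32])
	return &EncryptedDRAM{data: d, tweak: t, Cells: make([]byte, 16*lines)}
}

// xex applies out = F(in ^ T) ^ T, where T = AES_tweak(line address) and F is AES encrypt or decrypt.
func (m *EncryptedDRAM) xex(line int, out, in []byte, f func(dst, src []byte)) []byte {
	var t [16]byte
	binary.BigEndian.PutUint64(t[8:], uint64(line))
	m.tweak.Encrypt(t[:], t[:]) // per-address tweak: equal plaintext at two addresses encrypts differently
	for i := range t {
		out[i] = in[i] ^ t[i]
	}
	f(out, out)
	for i := range t {
		out[i] ^= t[i]
	}
	return out
}

func (m *EncryptedDRAM) WriteLine(line int, plain []byte) {
	m.xex(line, m.Cells[16*line:16*line+16], plain, m.data.Encrypt) // encrypt on the way out to DRAM
}

func (m *EncryptedDRAM) ReadLine(line int) []byte {
	return m.xex(line, make([]byte, 16), m.Cells[16*line:16*line+16], m.data.Decrypt) // decrypt on the way in
}

func main() {
	mem := NewEncryptedDRAM([]byte("constructed-demo-key-32-bytes!!!"), 2)
	mem.WriteLine(0, []byte("SESSIONKEY-0001!")) // constructed 16-byte secret
	fmt.Printf("DRAM dump: %x\nCPU read:  %s\n", mem.Cells[:16], mem.ReadLine(0))
}
```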
ISC2 Certified Secure Software Lifecycle Professional (CSSLP)
Secure Software Architecture and Design