ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
You are building a fleet of battery-powered IoT sensors that will connect to AWS IoT Core over TLS and must sign each message they send. Because the microcontrollers have limited CPU power and very small flash storage, you need an asymmetric algorithm that supplies strong security while minimizing computational load and key size. Which cryptographic choice is most appropriate for the device firmware?
Generate a SHA-256 hash of each message combined with a shared secret to prove authenticity.
Use RSA with 4096-bit keys for device certificates during TLS negotiation.
Use ECDSA with a 256-bit elliptic curve key pair for device certificates and TLS handshakes.
Configure each sensor with a unique 192-bit 3DES symmetric key shared with AWS IoT Core.
Elliptic Curve Digital Signature Algorithm (ECDSA) with a 256-bit key provides security strength comparable to 3072-bit RSA while using far smaller keys and requiring much less CPU processing, benefits that are critical for constrained IoT hardware. Large-key RSA (for example, 4096-bit) delivers equivalent security only at a significantly higher cost in processing time, power, and bandwidth. Pre-shared symmetric keys such as 3DES do not offer scalable asymmetric authentication, and a simple SHA-256 hash with a shared secret is an HMAC, which cannot supply the public-key-based authentication required for mutual TLS. Therefore, ECDSA with a 256-bit curve is the best fit.