Test Your Knowledge – Do you know how to protect your Data at Rest?

Critical data is generated from, and stored, everywhere - from the cloud, to enterprise data centers, to our PCs and mobile systems at the tactical edge. When it comes to ensuring mission success, classified data must be protected with the highest assurance. Are you protecting your Data at Rest?

Test your knowledge today to see how much you know about safeguarding your Data at Rest from risk.

Choose The Correct Answer To Each Question

Correct!
There is more Data at Rest (DaR) than Data in Transit in the world. Data on a computer’s hard drive or removable drive, data on a USB stick, data on a server and archived emails are examples of Data at Rest. Data that is in motion, such as internet traffic, file transfers and emails, or data that is being acted upon or processed, such as data undergoing transformation by software, is not considered Data at Rest.

Not exactly.
There is more Data at Rest (DaR) than Data in Transit in the world. Data on a computer’s hard drive or removable drive, data on a USB stick, data on a server and archived emails are examples of Data at Rest. Data that is in motion, such as internet traffic, file transfers and emails, or data that is being acted upon or processed, such as data undergoing transformation by software, is not considered Data at Rest.

Not quite. The correct answer is E, all of the above.
Stored data is everywhere and is at the center of nearly everything we do on a daily basis. The need for DaR encryption is growing. Emerging requirements consist of: manned and unmanned tactical vehicles and ISR platforms in the air, land and sea domains; high speed, file/object based encryption and proprietary interfaces in enterprise applications, the cloud and data centers; as well as mobile communications kits and personal devices such as smart phones, PCs and tablets in mobile applications.

Not quite. The correct answer is E, all of the above.
Stored data is everywhere and is at the center of nearly everything we do on a daily basis. The need for DaR encryption is growing. Emerging requirements consist of: manned and unmanned tactical vehicles and ISR platforms in the air, land and sea domains; high speed, file/object based encryption and proprietary interfaces in enterprise applications, the cloud and data centers; as well as mobile communications kits and personal devices such as smart phones, PCs and tablets in mobile applications.

Not quite. The correct answer is E, all of the above.
Stored data is everywhere and is at the center of nearly everything we do on a daily basis. The need for DaR encryption is growing. Emerging requirements consist of: manned and unmanned tactical vehicles and ISR platforms in the air, land and sea domains; high speed, file/object based encryption and proprietary interfaces in enterprise applications, the cloud and data centers; as well as mobile communications kits and personal devices such as smart phones, PCs and tablets in mobile applications.

Not quite. The correct answer is E, all of the above.
Stored data is everywhere and is at the center of nearly everything we do on a daily basis. The need for DaR encryption is growing. Emerging requirements consist of: manned and unmanned tactical vehicles and ISR platforms in the air, land and sea domains; high speed, file/object based encryption and proprietary interfaces in enterprise applications, the cloud and data centers; as well as mobile communications kits and personal devices such as smart phones, PCs and tablets in mobile applications.

Correct!
Stored data is everywhere and is at the center of nearly everything we do on a daily basis. The need for DaR encryption is growing. Emerging requirements consist of: manned and unmanned tactical vehicles and ISR platforms in the air, land and sea domains; high speed, file/object based encryption and proprietary interfaces in enterprise applications, the cloud and data centers; as well as mobile communications kits and personal devices such as smart phones, PCs and tablets in mobile applications.

Not exactly.
CSfC devices require multiple forms of key material (typically a “known secret” such as a PIN, password, or passphrase) due to its multi layered nature. Type 1 devices with pre-placed keys are designed to ease data handling across multiple locations. These encryptors allow the same key to be loaded onto multiple encryptors. In addition, Type 1 devices are able to identify the necessary key to be loaded; a feature that prevents accidental data overwriting, and simplified startup configuration.

You got it!
CSfC devices require multiple forms of key material (typically a “known secret” such as a PIN, password, or passphrase) due to its multi layered nature. Type 1 devices with pre-placed keys are designed to ease data handling across multiple locations. These encryptors allow the same key to be loaded onto multiple encryptors. In addition, Type 1 devices are able to identify the necessary key to be loaded; a feature that prevents accidental data overwriting, and simplified startup configuration.

Correct!
A Type 1 DaR encryption device is an end cryptographic unit (ECU) that is certified by the National Security Agency (NSA) to encrypt and decrypt classified stored national security information when appropriately keyed.

That's not right.
A Type 1 DaR encryption device is an end cryptographic unit (ECU) that is certified by the National Security Agency (NSA) to encrypt and decrypt classified stored national security information when appropriately keyed.

Exactly!
Type 1 DaR encryption allows multiple classification levels to be stored within a single storage array and location, which provides significant cost savings associated with facilities, overhead and equipment.

Not exactly.
Type 1 DaR encryption allows multiple classification levels to be stored within a single storage array and location, which provides significant cost savings associated with facilities, overhead and equipment.

Not exactly.
Classified data must be encrypted with a Type 1 device in order for the storage media to be handled as unclassified and shipped via commercial couriers (e.g. FedEx). Without Type 1 encryption, storage media containing classified data must be handled at its designated classified level, which places restrictions on transporting, thus increasing the time between data collection and analysis.

Yes!
Classified data must be encrypted with a Type 1 device in order for the storage media to be handled as unclassified and shipped via commercial couriers (e.g. FedEx). Without Type 1 encryption, storage media containing classified data must be handled at its designated classified level, which places restrictions on transporting, thus increasing the time between data collection and analysis.

You got it!
Commercial solutions tend to have vulnerabilities in the placement of the key that make them unsuitable and unlikely to meet Information Assurance (IA) requirements. Type 1 encryption products and the Commercial Solutions for Classified (program (CSfC) are the options that Government IA experts consider to meet classified DaR encryption requirements.

Incorrect.
Commercial solutions tend to have vulnerabilities in the placement of the key that make them unsuitable and unlikely to meet Information Assurance (IA) requirements. Type 1 encryption products and the Commercial Solutions for Classified (program (CSfC) are the options that Government IA experts consider to meet classified DaR encryption requirements.

That's not right.
CSfC solutions require at least two independent layers of approved products from the CSfC APL designed together by a Trusted Integrator according to NSA specified Capability Packages. This process can take several months to design and even longer to register the solution for a specific application. Type 1 solutions are single, certified products developed with high assurance standards, are NSA certified for broad use and can be purchased off standard contract vehicles. Decision makers must remember to compare Type 1 products to total, integrated CSfC solutions, not individual parts.

That's right!
CSfC solutions require at least two independent layers of approved products from the CSfC APL designed together by a Trusted Integrator according to NSA specified Capability Packages. This process can take several months to design and even longer to register the solution for a specific application. Type 1 solutions are single, certified products developed with high assurance standards, are NSA certified for broad use and can be purchased off standard contract vehicles. Decision makers must remember to compare Type 1 products to total, integrated CSfC solutions, not individual parts.

Exactly!
Various Federal policies require cryptographic protection commensurate with the risk and magnitude of the harm resulting from unauthorized access. For more information, visit Gdmissionsystems.com/DaRPolicy.

Not quite.
Various Federal policies require cryptographic protection commensurate with the risk and magnitude of the harm resulting from unauthorized access. For more information, visit Gdmissionsystems.com/DaRPolicy.

You got it!
Type 1 solutions are designed for mission requirements, which often include embedment in SWAP restricted platforms and rugged environments to ensure product reliability and performance when it matters most. Because the CSfC solutions concept of multiple layers of equipment provides redundant security, it also adds Size, Weight, Power and Cost (SWAP-C) to the total initial purchase. This type of solution also adds post-installation maintenance and labor costs to remain compliant.

Not exactly.
Type 1 solutions are designed for mission requirements, which often include embedment in SWAP restricted platforms and rugged environments to ensure product reliability and performance when it matters most. Because the CSfC solutions concept of multiple layers of equipment provides redundant security, it also adds Size, Weight, Power and Cost (SWAP-C) to the total initial purchase. This type of solution also adds post-installation maintenance and labor costs to remain compliant.

Want more information on Data-at-Rest technology?

Request the whitepapers “Examining Data at Rest Encryption Whitepaper” and "The Growing Need To Protect Classified Data At Rest Whitepaper" by filling out the form below.

Data at Rest Resources

ProtecDaR General Dynamics Logo Grid

Data at Rest Encryption

The ProtecD@R portfolio provides inline media encryption to protect our Nation’s most sensitive data at rest (DaR).

Learn more about the ProtecD@R portfolio

GD Live Webinar Graphic

On-Demand Webinars

Learn about the latest technology trends to secure your Data at Rest with our GD Live webinar series.

Request On-Demand Webinars

Data At Rest Policies Federal Compliance

Federal Policies For DAR

Federal DaR policy is changing. Understand your organization's policy on DaR to assist with planning, reduce risk, and avoid IA roadblocks on your system/platform.

Find Your Organization's DAR Policy

The Need for Data at Rest Encryption

Critical data is generated from, and stored, everywhere. Classified data must be protected with the highest assurance. The need for Data at Rest encryption is growing.