From the course: Cloud Data, Platform, and Applications Security by Pearson

Phase 5: Archive

On the exam, it's critical to remember that the archive phase is distinctly separate from the store phase. We're talking about long-term storage. Usually the word cold is associated with archival. For example, we have AWS Glacier or Google Cold Storage, things like that. It could be sanitized, the data can be, or possibly tokenized before being archived. That's not uncommon. We are going to use stringent cryptography, for example, AES-GCM-256. Now on the slide, we notice that AES-GCM-256 is an AEAD. AEAD stands for Authenticated Encryption with Associated Data. So what that really means is when you're using AES-GCM-256, it has its own built-in GMAC. So it's its own built-in integrity and origin authentication mechanism. So you don't need to use a separate HMAC like SHA-2 or SHA-384 when you're using this mode of AES. And it's very common to use this mode for archival or cold storage. is often automated, and often based on governance or regulations or mandates. With archival storage, just…
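As an added illustration of the AEAD point in the transcript above (not part of the course material), this Go example seals an archive object with AES-256-GCM and shows that the GCM tag alone catches changes to the ciphertext or to the unencrypted metadata, with no separate HMAC. The function names, the `nonce || ciphertext || tag` layout and the `retain=7y` metadata string are assumptions of this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// newGCM builds the AEAD; names and blob layout here are this example's assumptions.
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil || len(key) != 32 { // NewCipher also accepts 16 and 24 bytes
		return nil, fmt.Errorf("want a 32-byte AES-256 key, got %d bytes", len(key))
	}
	return cipher.NewGCM(block)
}

// sealArchive returns nonce || ciphertext || tag; meta stays in the clear but is covered by the tag.
func sealArchive(key, plaintext, meta []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize()) // fresh random nonce for every object
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, meta), nil
}

// openArchive verifies the tag over ciphertext and meta before returning any plaintext.
func openArchive(key, sealed, meta []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	n := gcm.NonceSize()
	if len(sealed) < n+gcm.Overhead() {
		return nil, fmt.Errorf("sealed object too short")
	}
	return gcm.Open(nil, sealed[:n], sealed[n:], meta)
}

func main() {
	key := make([]byte, 32) // constructed all-zero demo key, not for real use
	sealed, _ := sealArchive(key, []byte("constructed record"), []byte("retain=7y"))
	_, err := openArchive(key, sealed, []byte("retain=1y")) // altered metadata
	fmt.Println("altered metadata rejected:", err != nil)
}
```

Binding the retention or object metadata as associated data means an archived blob cannot be paired with different metadata without the open step failing.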
