Which type of attack against AES exploits implementation timing or power consumption rather than cryptanalytic weakness?
A CISSP practice question covering Domain 3: Security Architecture and Engineering. Try answering before reading the explanation below.
Show options & answer
Why "Side-channel attack" is the right answer
Side-channel attacks measure physical phenomena (timing, power, EM emissions, sound) to extract keys without breaking the algorithm itself. Constant-time implementations and noise injection mitigate them. The other options are mathematical attack categories.
Study videos for this topic
Want to go deeper on Domain 3? Watch the full breakdown — every video is free, no account, no upsell.
CISSP Domain 3: Bell-LaPadula vs Biba (No More Mix-Ups)
Domain 3 — Security Architecture and Engineering
CISSP Domain 3: TPM, Reference Monitor, and TCB
Domain 3 — Security Architecture and Engineering
CISSP Domain 3: Cloud, ICS, IoT & Container Vulnerabilities
Domain 3 — Security Architecture and Engineering
CISSP Crypto: Which Key for Privacy vs Signing?
Domain 3 — Security Architecture and Engineering
Take the full CISSP practice test
120 questions, instant explanations, study-video links on every miss. No account.