Which is the BEST way to protect data in use against memory-scraping attacks?
A CISSP practice question covering Domain 2: Asset Security. Try answering before reading the explanation below.
Show options & answer
Why "Trusted execution environments / enclaves (TEE/SGX)" is the right answer
TEEs (Intel SGX, AMD SEV, ARM TrustZone) keep data encrypted even in RAM, isolating from the host OS. Disk encryption protects at rest; TLS protects in transit. Passwords are unrelated.
Take the full CISSP practice test
120 questions, instant explanations, study-video links on every miss. No account.