Why does HDFS encryption at rest use a two-tier key system involving Data Encryption Keys (DEKs) and Key Encryption Keys (KEKs)?

hard📝 Conceptual Q10 of 15

Hadoop - Security

ATo speed up data processing by using two keys simultaneously

BTo improve security by encrypting DEKs with KEKs stored in KMS

CTo allow users to choose which key to use for each file

DTo store keys on DataNodes for faster access

Step-by-Step Solution

Solution:

Step 1: Understand DEKs and KEKs roles
DEKs encrypt data blocks; KEKs encrypt DEKs for secure storage.
Step 2: Reason why two-tier system is used
This separation enhances security by protecting DEKs with KEKs managed in KMS.
Final Answer:
To improve security by encrypting DEKs with KEKs stored in KMS -> Option B
Quick Check:
Two-tier keys = better security [OK]

Quick Trick: KEKs protect DEKs, enhancing encryption security [OK]

Common Mistakes:

Master "Security" in Hadoop

9 interactive learning modes - each teaches the same concept differently

Want More Practice?

15+ quiz questions · All difficulty levels · Free

More Hadoop Quizzes