When transmitting data in transit, which statement correctly describes the requirement for encryption strength?

• A. It is acceptable to use weaker encryption if performance is a concern.
• B. The encryption strength must be appropriate for the encryption method in use.
• C. Encryption strength must always be the maximum available.
• D. The encryption strength should be appropriate for the encryption methodology in use.

Answer: (D)

When data is in transit, the protection level comes from using strong cryptography that fits the chosen method. The best answer says that the encryption strength should be appropriate for the encryption methodology in use, meaning you select a key length and cipher that provide adequate protection for the protocol and risk level, without automatically requiring the absolute maximum strength in every case. This balances security with practicality and compatibility: you avoid weak, deprecated algorithms, but you don’t assume you must always use the strongest possible option. In practice, a modern, well-supported method (like TLS with current cipher suites) is considered appropriate, whereas using outdated or weak techniques would be insufficient.