Which security algorithms are used for MSDP in NetBackup?

The correct answer is AES 256 bit CTR encryption and SHA256/SHA-2 fingerprinting. In NetBackup, MSDP stands for Media Server Deduplication Pool, and its security model protects deduplicated data using modern encryption and fingerprinting algorithms. Cohesity NetBackup documentation identifies the MSDP data-at-rest cipher as AES-256-CTR, specifically listing “MSDP: AES-256-CTR” under NetBackup data-at-rest encryption ciphers. For fingerprinting, Cohesity documents that NetBackup 8.1 introduced a more secure MSDP fingerprint algorithm where the SHA-2 algorithm replaces the existing MD5-like algorithm. The upgrade documentation further explains that rolling MSDP data conversion converts older containers to the AES encryption and SHA-2 fingerprint algorithm, confirming that Blowfish and MD5-like fingerprints are legacy mechanisms rather than the current MSDP security standard. Therefore, option A is the only choice that combines the correct MSDP encryption mode, AES-256-CTR, with the correct secure fingerprinting family, represented in the option as SHA256 fingerprinting. References/topics: NetBackup Security and Encryption Guide, Ciphers used in NetBackup, MSDP fingerprinting algorithm changes, and MSDP rolling data conversion.