To answer this question, you need to understand the primary risks associated with using cryptographic protection for systems or data. Let's go through each option to understand why it is correct or incorrect:
Option A) Loss of the system may mean loss of all data - This option is not the primary risk of using cryptographic protection. While the loss of a system can result in data loss, it is not specific to cryptographic protection.
Option B) A hardware failure may lead to lost data or system integrity - This option is not the primary risk of using cryptographic protection. Hardware failures can occur in any system, regardless of whether cryptographic protection is used or not.
Option C) A disgruntled user may lead to denial of service - This option is the correct answer. The primary risk of using cryptographic protection is that a disgruntled user with access to the cryptographic keys or passwords can intentionally deny service to legitimate users by withholding or misusing the keys, rendering the system or data inaccessible.
Option D) An employee may hide his activities from the security department - This option is not the primary risk of using cryptographic protection. While cryptographic protection can be used to hide activities, it is not specific to cryptographic protection and can occur in any system.
The correct answer is C) A disgruntled user may lead to denial of service. This option is correct because it represents the primary risk of using cryptographic protection, where a user with access to the encryption keys can intentionally deny service to legitimate users.