After copying a sensitive document from his desktop to a flash drive, Joe, a user, realizes that the
document is no longer encrypted. Which of the following can a security technician implement to
ensure that documents stored on Joe’s desktop remain encrypted when moved to external media
or other network based storage?
A.
Whole disk encryption
B.
Removable disk encryption
C.
Database record level encryption
D.
File level encryption
Explanation:
The answer is Removable Disk Encryption
0
0
A thing to remember for the exam:
–Whole Disk Encryption – As a rule refers to a Hard Disk Drive and not an external drive (such as a USB)
— Removable disk encryption: Clearly refers to an external drive, such as a USB, and not to a HDD.
So in here we have a case where an encrypted file in the HDD was copied to the USB drive and by doing so lost its encryption.
PROCESS OF ELIMINATION:
This means that:
“(A) Whole disk encryption” was already in use at the source media.
(C) is also out, as there is no mention that the file is a database. Database encryption is the process of converting data, within a database, in plain text format into a meaningless cipher text by means of a suitable algorithm.
So it is a tossup between “(B) Removable disk encryption” and “(D) File level encryption.”
At face value, it would appear that “(B) Removable disk encryption” would be the best answer.
Yet I would like to contend that “(D) File level encryption” should remain the best answer for the following reasons.
(*) The issue with “(B) Removable disk encryption” is that there is no way for the administrator to check every USB connected to the system in order to ensure that it is indeed encrypted. So he/she must rely on the user’s honesty/integrity/ technical know-how on the matter. On this case the user was the one raising the issue. But what if the user was not even aware of the fact that the file lost its encryption? What then?
(*) Also, there is no way that the system administrator can ensure that all encrypted files will be copied to an equally encrypted USB.
In this scenario, we have a friendly person (an approve user) copying the file from the HDD to the USB. But what if it was a malicious user instead, who knows that copying the encrypted file to an un-encrypted USB would remove the encryption of said file? How will the System Administrator monitor that?
(*) In addition to that, the question clearly state that the files must remain encrypted when “moved to external media OR OTHER NETWORK BASED STORAGE”. “(B) Removable disk encryption” could handle the issue with
“External Media (ex. USB)”, but fails to ensure proper protection when the file is moved to “OTHER NETWORK BASED STORAGE (Ex NAS and SANS ) ”.
(*) NAS & SAN would require “(A) Whole disk encryption”, and not “(B) Removable disk encryption”
So the best way to ensure security would be for be for the Security Administrator to implement “(D) File level encryption” on all key files.
This way, the file shall remain encrypted:
Whether the file is being copied to an Encrypted USB/NAS/SAN or not
Whether the file is being copied by an authorized person or not
Whether the file is being copied for authorized reasons or not
Whether the file is being copied by a user who is technically aware or not
By enforcing “(D) File level encryption” the System Administrator rests assured that all the corners are covered and that whomever does whatever, the file shall always remain encrypted when “when moved to external media or other network based storage”
0
0