Which of the following is built into the hardware of most laptops but is not setup for centralized management by default?
A.
Whole disk encryption
Cloud storage
B.
TPM encryption
Removal Media
C.
USB encryption
TPM
D.
Individual file encryption
File encryption can be used to protect the contents of individual files. It uses randomly generated symmetric encryption keys for the file and stores the key in an
encrypted form using the user’s public key on the encrypted file.
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 418-419
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 236, 237, 252, 255
QUESTION 381
A hospital IT department wanted to secure its doctor’s tablets. The IT department wants operating system level security and the ability to secure the data from
alteration. Which of the following methods would MOST likely work?
Wiping
D.
Individual file encryption
File encryption can be used to protect the contents of individual files. It uses randomly generated symmetric encryption keys for the file and stores the key in an
encrypted form using the user’s public key on the encrypted file.
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 418-419
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 236, 237, 252, 255
QUESTION 381
A hospital IT department wanted to secure its doctor’s tablets. The IT department wants operating system level security and the ability to secure the data from
alteration. Which of the following methods would MOST likely work?
Wiping
A.
Whole disk encryption
Cloud storage
B.
TPM encryption
Removal Media
C.
USB encryption
TPM
D.
Individual file encryption
File encryption can be used to protect the contents of individual files. It uses randomly generated symmetric encryption keys for the file and stores the key in an
encrypted form using the user’s public key on the encrypted file.
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 418-419
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 236, 237, 252, 255
QUESTION 381
A hospital IT department wanted to secure its doctor’s tablets. The IT department wants operating system level security and the ability to secure the data from
alteration. Which of the following methods would MOST likely work?
Wiping
Explanation:
Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disable in BIOS. It helps
with hash key generation and stores cryptographic keys, passwords, or certificates.
Incorrect Answers:
A Whole disk and device encryption encrypts the data on the device. This feature ensures that the data on the device cannot be accessed in a useable form should
the device be stolen. This encryption can be provided by a hardware solution, such as TPM or HSM, or a software solution.
C: USB encryption is provided by the vendor of the USB device or by a tool from a third party.
It is not included in the hardware of a laptop.Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disable in BIOS. It helps
with hash key generation and stores cryptographic keys, passwords, or certificates.
Incorrect Answers:
A: Cloud storage involves using an online storage provider to host data. The operating system would most likely not be installed on cloud storage. Therefore
securing removable media would not provide operating system level security.
B: Removable media includes tape drives, recordable compact disks (CD-Rs), diskettes, memory cards, etc. The operating system would most likely not be
installed on removable media. Therefore securing removable media would not provide operating system level security. D. Wiping is the process of removing data
from a device so that it is no longer recoverable. This is usually done when the device is to be decommissioned or discarded. It does not provide data security while
the device is in use.Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 206, 237
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 252-