Which of the following is built into the hardware of most laptops but is not setup for centralized
management by default?
A.
Whole disk encryption
Cloud storage
Database encryption
B.
TPM encryption
Removal Media
USB encryption
C.
USB encryption
TPM
Whole disk encryption
D. Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
Individual file encryption
File encryption can be used to protect the contents of individual files. It uses randomly generated
symmetric encryption keys for the file and stores the key in an encrypted form using the user’s public key
on the encrypted file.
2014, pp. 418-419
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 236, 237, 252,
255
QUESTION 108
A hospital IT department wanted to secure its doctor’s tablets. The IT department wants operating
system level security and the ability to secure the data from alteration. Which of the following methods
would MOST likely work?
Wiping
Wiping is the process of removing data from a device so that it is no longer recoverable. This is usually
done when the device is to be decommissioned or discarded. It does not provide data security while the
device is in use.
2014, pp. 206, 237
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 252-253
QUESTION 109
Which of the following hardware based encryption devices is used as a part of multi-factor authentication
to access a secured computing system?
TPM
D. Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
Individual file encryption
File encryption can be used to protect the contents of individual files. It uses randomly generated
symmetric encryption keys for the file and stores the key in an encrypted form using the user’s public key
on the encrypted file.
2014, pp. 418-419
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 236, 237, 252,
255
QUESTION 108
A hospital IT department wanted to secure its doctor’s tablets. The IT department wants operating
system level security and the ability to secure the data from alteration. Which of the following methods
would MOST likely work?
Wiping
Wiping is the process of removing data from a device so that it is no longer recoverable. This is usually
done when the device is to be decommissioned or discarded. It does not provide data security while the
device is in use.
2014, pp. 206, 237
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 252-253
QUESTION 109
Which of the following hardware based encryption devices is used as a part of multi-factor authentication
to access a secured computing system?
TPM
A.
Whole disk encryption
Cloud storage
Database encryption
B.
TPM encryption
Removal Media
USB encryption
C.
USB encryption
TPM
Whole disk encryption
D. Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
Individual file encryption
File encryption can be used to protect the contents of individual files. It uses randomly generated
symmetric encryption keys for the file and stores the key in an encrypted form using the user’s public key
on the encrypted file.
2014, pp. 418-419
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 236, 237, 252,
255
QUESTION 108
A hospital IT department wanted to secure its doctor’s tablets. The IT department wants operating
system level security and the ability to secure the data from alteration. Which of the following methods
would MOST likely work?
Wiping
Wiping is the process of removing data from a device so that it is no longer recoverable. This is usually
done when the device is to be decommissioned or discarded. It does not provide data security while the
device is in use.
2014, pp. 206, 237
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 252-253
QUESTION 109
Which of the following hardware based encryption devices is used as a part of multi-factor authentication
to access a secured computing system?
TPM
D. Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
Individual file encryption
File encryption can be used to protect the contents of individual files. It uses randomly generated
symmetric encryption keys for the file and stores the key in an encrypted form using the user’s public key
on the encrypted file.
2014, pp. 418-419
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 236, 237, 252,
255
QUESTION 108
A hospital IT department wanted to secure its doctor’s tablets. The IT department wants operating
system level security and the ability to secure the data from alteration. Which of the following methods
would MOST likely work?
Wiping
Wiping is the process of removing data from a device so that it is no longer recoverable. This is usually
done when the device is to be decommissioned or discarded. It does not provide data security while the
device is in use.
2014, pp. 206, 237
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 252-253
QUESTION 109
Which of the following hardware based encryption devices is used as a part of multi-factor authentication
to access a secured computing system?
TPM
A.
Whole disk encryption
Cloud storage
Database encryption
B.
TPM encryption
Removal Media
USB encryption
C.
USB encryption
TPM
Whole disk encryption
D. Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
Individual file encryption
File encryption can be used to protect the contents of individual files. It uses randomly generated
symmetric encryption keys for the file and stores the key in an encrypted form using the user’s public key
on the encrypted file.
2014, pp. 418-419
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 236, 237, 252,
255
QUESTION 108
A hospital IT department wanted to secure its doctor’s tablets. The IT department wants operating
system level security and the ability to secure the data from alteration. Which of the following methods
would MOST likely work?
Wiping
Wiping is the process of removing data from a device so that it is no longer recoverable. This is usually
done when the device is to be decommissioned or discarded. It does not provide data security while the
device is in use.
2014, pp. 206, 237
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 252-253
QUESTION 109
Which of the following hardware based encryption devices is used as a part of multi-factor authentication
to access a secured computing system?
TPM
Explanation:
Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the
system’s motherboard and is enabled or disable in BIOS. It helps with hash key generation and stores
cryptographic keys, passwords, or certificates.
Incorrect Answers:A Whole disk and device encryption encrypts the data on the device. This feature ensures that the data
on the device cannot be accessed in a useable form should the device be stolen. This encryption can be
provided by a hardware solution, such as TPM or HSM, or a software solution.
C: USB encryption is provided by the vendor of the USB device or by a tool from a third party. It is not
included in the hardware of a laptop.Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the
system’s motherboard and is enabled or disable in BIOS. It helps with hash key generation and stores
cryptographic keys, passwords, or certificates.
Incorrect Answers:
A: Cloud storage involves using an online storage provider to host data. The operating system would most
likely not be installed on cloud storage. Therefore securing removable media would not provide operating
system level security.
B: Removable media includes tape drives, recordable compact disks (CD-Rs), diskettes, memory cards,
etc. The operating system would most likely not be installed on removable media. Therefore securing
removable media would not provide operating system level security.Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the
system’s motherboard and is enabled or disable in BIOS. It helps with hash key generation and stores
cryptographic keys, passwords, or certificates.
Incorrect Answers:
A: Database encryption makes use of cryptography functions that are built into the database software to
encrypt the data stored in the data base. Encryption protects data on storage devices it is not an
authentication mechanism.
B: USB encryption is provided by the vendor of the USB device or by a tool from a third party. Encrypting
the data on a USB protects the data on the USB; it is not an authentication mechanism.
C: Whole disk encryption protects the data on hard drives of devices it is not an authentication
mechanism.Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
2014, pp. 237
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 252, 255