They can achieve this by:

seenagapeFebruary 3, 2017

The systems administrator wishes to implement a hardware-based encryption method that could also be used to sign code. They can achieve this by:

PrepAway - Latest Free Exam Questions & Answers

A.
Utilizing the already present TPM.
Thumb drives present a significant threat which is mitigated by HSM.

B.
Configuring secure application sandboxes.
Software encryption can perform multiple functions required by HSM.

C.
Enforcing whole disk encryption.
Data loss by removable media can be prevented with DLP.

D.
Moving data and applications into the cloud.
Moving data and applications to the cloud does not ensure that the data or applications are encrypted in its new location.
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 204-205, 237
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 250
QUESTION 384
Which of the following BEST explains the use of an HSM within the company servers?
Hardware encryption is faster than software encryption.

A.
Utilizing the already present TPM.
Thumb drives present a significant threat which is mitigated by HSM.

B.
Configuring secure application sandboxes.
Software encryption can perform multiple functions required by HSM.

C.
Enforcing whole disk encryption.
Data loss by removable media can be prevented with DLP.

Explanation:
Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disable in BIOS. It helps
with hash key generation and stores cryptographic keys, passwords, or certificates.
Incorrect Answers:
B: Sandboxing is the process of isolating a system before installing new applications on it so as to restrict any potential harm it may cause to production systems.
C: Whole disk encryption can be implemented by either a software-based cryptography solutions or by a hardware based solution such as a Trusted Platform
Module (TPM) or a Hardware Security Module (HSM).
Hardware Security Module (HSM) is a cryptoprocessor that can be used to enhance security. It provides a fast solution for the for large asymmetrical encryption
calculations and is much faster than software-based cryptographic solutions.
Incorrect Answers:
A: Hardware Security Module (HSM) is a cryptoprocessor that can be used to enhance security. HSM is usually used in conjunction with PKI to enhance security
with certification authorities (CAs). PKI secures communication. It does not secure thumb drives.
B: Hardware Security Module (HSM) is a cryptoprocessor that can be used to enhance security. HSM is usually used in conjunction with PKI to enhance security
with certification authorities (CAs). It provides encryption functions rather than requiring it.
C: Data loss prevention (DLP) is designed detect and prevent unauthorized access to sensitive information. It may involve content inspection, storage and
transmission encryption, contextual assessment, monitoring authorizations, and centralized management. It can make use of software-based cryptographic
solutions, of hardware-based cryptographic solutions such as HSM.
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 238, 278
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 254-

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

CompTIA Exam Questions

Free CompTIA Study Guide

They can achieve this by:

Leave a Reply Cancel reply