A team of firewall administrators have access to a `master password list’ containing service account
passwords. Which of the following BEST protects the master password list?
A.
File encryption
B.
Password hashing
C.
USB encryption
D.
Full disk encryption
Explanation:
File encryption can be used to protect the contents of individual files. It uses randomly generated
symmetric encryption keys for the file and stores the key in an encrypted form using the user’s public key
on the encrypted file.
Incorrect Answers:
B: Hashing is a form of cryptography that produces a unique identifier known as a hash value. This hash
value serves as an ID code to detect when the original data source has been altered. It, however, does not
prevent access to the data.
C: USB encryption is provided by the vendor of the USB device or by a tool from a third party. It is used to
encrypt the data on the USB device, ensuring that the data cannot be accessed in a useable form should
the device be stolen or misplaced.
D: Full-disk encryption encrypts the data on the hard drive of the device. This feature ensures that the
data cannot be accessed in a useable form should the device be stolen or misplaced.Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 251-252, 255,
315-316