An organization must implement controls to protect the confidentiality of its most sensitive data. The company is
currently using a central storage system and group based access control for its sensitive information. Which of
the following controls can further secure the data in the central storage system?
Patching the system
Data encryption makes data unreadable to anyone who does not have the required key to decrypt the data. The
question states that the sensitive data is stored on a central storage system. Group based access control is
used to control who can access the sensitive data. However, this offers no physical security for the data.
Someone could steal the central storage system or remove the hard disks from it with the plan of placing the
hard disks into another system to read the data on the disks. With the data encrypted, the data would be