CompTIA Security Plus Mock Test Q272

Encryption of data at rest is important for sensitive information because of which of the following?

A. Facilitates tier 2 support, by preventing users from changing the OS
B. Renders the recovery of data harder in the event of user password loss
C. Allows the remote removal of data following eDiscovery requests
D. Prevents data from being accessed following theft of physical equipment


Correct Answer: D
Section: Compliance and Operational Security

Explanation:
Data encryption allows data that has been stolen to remain out of the eyes of the intruders who took it as long as they do not have the proper passwords.

Incorrect Answers:
A: Data at rest means just that – that user cannot use it at the moment, let alone change the OS.
B: Data Recovery capabilities are taken into account when backup plans are made/ part of disaster recovery plan.
C: Remote removal of data would not be a concern; rather the main concern should be the risk of theft.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, p. 290