CompTIA Security Plus Mock Test Q276

Matt, a security analyst, needs to implement encryption for company data and also prevent theft of company data. Where and how should Matt meet this requirement?

A. Matt should implement access control lists and turn on EFS.
B. Matt should implement DLP and encrypt the company database.
C. Matt should install Truecrypt and encrypt the company server.
D. Matt should install TPMs and encrypt the company database.


Correct Answer: B
Section: Compliance and Operational Security

Explanation:
Data loss prevention (DLP) systems monitor the contents of systems (workstations, servers, and networks) to make sure that key content is not deleted or removed. They also monitor who is using the data (looking for unauthorized access) and transmitting the data. Encryption is used to protect data.

Incorrect Answers:
A: ACLs will enable devices in your network to ignore requests from specified users or to grant them access to certain network capabilities and EFS can also be used to help in risk
mitigation. However Matt is supposed to employ encryption and prevent theft of company data.
C: TrueCrypt is used to encrypt hard drives and partitions. Data is software and Truecrypt is used for hardware encryption.
D: TPM can be used to assist with hash key generation, bu that is just it, it is hardware encryption, not data encryption per se.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 14-18, 156, 238, 290