CompTIA Security Plus Mock Test Q428

After recovering from a data breach in which customer data was lost, the legal team meets with the Chief Security Officer (CSO) to discuss ways to better protect the privacy of customer data. Which of the following controls support this goal?

A. Contingency planning
B. Encryption and stronger access control
C. Hashing and non-repudiation
D. Redundancy and fault tolerance

Correct Answer: B
Section: Compliance and Operational Security

Explanation:
Encryption is used to protect data/contents/documents. Access control refers to controlling who accesses any data/contents/documents and to exercise authorized control to the accessing of that data.

Incorrect Answers:
A: Contingency planning is part of a disaster-recovery plan.
C: Hashing refers to the hash algorithms used in cryptography. Nonrepudiation prevents one party from denying actions they carried out.
D: Redundancy and fault tolerance refers to the ability to sustain operation in the event of system and component failure.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 155, 262, 291