CompTIA Security Plus Mock Test Q762

A way to assure data at-rest is secure even in the event of loss or theft is to use:

A. Full device encryption.
B. Special permissions on the file system.
C. Trusted Platform Module integration.
D. Access Control Lists.


Correct Answer: A
Section: Application, Data and Host Security

Explanation:
Device encryption encrypts the data on the device. This feature ensures that the data on the device cannot be accessed in a useable form should the device be stolen.

Incorrect Answers:
B: Permissions on the file system define the level of access logged on users have to files and folders. However, should an unauthorized user gain access to an authorized user’s user
account, they would gain access to the files and folders.
C: Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard. It helps with hash key generation and stores cryptographic
keys, passwords, or certificates.
D: Access Control Lists (ACLs) define the level of access logged on users have to resources. However, should an unauthorized user gain access to an authorized user’s user account,
they would gain access to the data.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 156, 237, 418-419
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 236, 237