CompTIA Security Plus Mock Test Q811

Which of the following is the BEST method for ensuring all files and folders are encrypted on all corporate laptops where the file structures are unknown?

A. Folder encryption
B. File encryption
C. Whole disk encryption
D. Steganography


Correct Answer: C
Section: Application, Data and Host Security

Explanation:
Full-disk encryption encrypts the data on the hard drive of the device or on a removable drive. This feature ensures that the data on the device or removable drive cannot be accessed
in a useable form should it be stolen. Furthermore, full-disk encryption is not dependant on knowledge of the file structure.

Incorrect Answers:
A, B: File and Folder encryption encrypts the content of individual files and folders respectively. To implement file or folder encryption effectively, the file structure has to be known.
D: Steganography is a process of hiding one communication inside another communication. It can use passwords to prevent unauthorized extraction of the hidden communication and
can also use encryption to mitigate against brute-force attempts at extraction. Steganography can also be used to detect theft, fraud, or modification when the hidden communication is
a watermark.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 251-252, 323