CompTIA Security Plus Mock Test Q812

To protect corporate data on removable media, a security policy should mandate that all removable devices use which of the following?

A. Full disk encryption
B. Application isolation
C. Digital rights management
D. Data execution prevention

Correct Answer: A
Section: Application, Data and Host Security

Explanation:
Full-disk encryption encrypts the data on the hard drive of the device or on a removable drive. This feature ensures that the data on the device or removable drive cannot be accessed
in a useable form should it be stolen.

Incorrect Answers:
B: Application Isolation is the process of ensuring that the application always uses the version of shared files with which it was installed, preventing component versioning conflicts.
This is performed by the developer of the application.
C: Digital rights management (DRM) is a set of technologies used by publishers, copyright holders, and individuals to control the after-sale use of digital content, most prominently, to
curb piracy of digital content.
D: Data Execution Prevention (DEP) is a security feature built into the operating system. It defines areas of memory as executable and nonexecutable. This protects against program
errors, and some malicious exploits, such as buffer overflows.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 251-252
http://www.symantec.com/connect/articles/application-isolation-basics-and-directions
http://en.wikipedia.org/wiki/Digital_rights_management
http://en.wikipedia.org/wiki/Data_Execution_Prevention