CompTIA Security Plus Mock Test Q816

Which of the following is an advantage of implementing individual file encryption on a hard drive which already deploys full disk encryption?

A. Reduces processing overhead required to access the encrypted files
B. Double encryption causes the individually encrypted files to partially lose their properties
C. Individually encrypted files will remain encrypted when copied to external media
D. File level access control only apply to individually encrypted files in a fully encrypted drive

Correct Answer: C
Section: Application, Data and Host Security

Explanation:
With full disk encryption a file is encrypted as long as it remains on the disk. This is because the data on the disk is decrypted when the user logs on, thus the data is in a decrypted
form when it is copied to another disk. Individually encrypted files on the other hand remain encrypted.

Incorrect Answers:
A: Encrypting individual files do not reduce the processing overhead but increases it as the full disk encryption must be decrypted as well as the file encryption. Full disk decryption
usually occurs when the user logos on to the system.
B: Double encryption does not cause individually encrypted files to partially lose their properties. File properties are typically not encrypted with individual file encryption.
D: Encryption is not a requirement for file-level access control and it can be applied to files whether they are encrypted or not.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 251-252
http://en.wikipedia.org/wiki/Disk_encryption