CompTIA Security Plus Mock Test Q817

A team of firewall administrators have access to a `master password list’ containing service account passwords. Which of the following BEST protects the master password list?

A. File encryption
B. Password hashing
C. USB encryption
D. Full disk encryption


Correct Answer: A
Section: Application, Data and Host Security

Explanation:
File encryption can be used to protect the contents of individual files. It uses randomly generated symmetric encryption keys for the file and stores the key in an encrypted form using
the user’s public key on the encrypted file.

Incorrect Answers:
B: Hashing is a form of cryptography that produces a unique identifier known as a hash value. This hash value serves as an ID code to detect when the original data source has been
altered. It, however, does not prevent access to the data.
C: USB encryption is provided by the vendor of the USB device or by a tool from a third party. It is used to encrypt the data on the USB device, ensuring that the data cannot be
accessed in a useable form should the device be stolen or misplaced.
D: Full-disk encryption encrypts the data on the hard drive of the device. This feature ensures that the data cannot be accessed in a useable form should the device be stolen or
misplaced.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 251-252, 255, 315-316