CompTIA Security Plus Mock Test Q821

Which of the following is a way to implement a technical control to mitigate data loss in case of a mobile device theft?

A. Disk encryption
B. Encryption policy
C. Solid state drive
D. Mobile device policy


Correct Answer: A
Section: Application, Data and Host Security

Explanation:
Disk and device encryption encrypts the data on the device. This feature ensures that the data on the device cannot be accessed in a useable form should the device be stolen.

Incorrect Answers:
B: An encryption policy provides guidelines that limit the use of encryption to algorithms that have been proven to work effectively. The policy still needs to be applied and enforced.
C: Solid state drives are hard drives that have memory chips to store data rather than magnetic disks. These are much faster than traditional hard disks but have no effect on data loss
due to device theft.
D: A mobile device policy provides guidelines the acceptable use of mobile devices within an organization, and means of securing the devices and the data on those devices. However,
the policy still needs to be applied and enforced.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 418-419
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 236, 237
http://www.sans.org/security-resources/policies/general/pdf/acceptable-encryption-policy