CompTIA Security Plus Mock Test Q830

Which of the following is built into the hardware of most laptops but is not set up for centralized management by default?

A. Whole disk encryption
B. TPM encryption
C. USB encryption
D. Individual file encryption


Correct Answer: B
Section: Application, Data and Host Security

Explanation:
Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disabled in the BIOS. It helps with hash key generation and stores cryptographic keys, passwords, or certificates.

Incorrect Answers:
A: Whole disk and device encryption encrypts the data on the device. This feature ensures that the data on the device cannot be accessed in a usable form should the device be stolen. This encryption can be provided by a hardware solution, such as TPM or HSM, or a software solution.
C: USB encryption is provided by the vendor of the USB device or by a tool from a third party. It is not included in the hardware of a laptop.
D: File encryption can be used to protect the contents of individual files. It uses a randomly generated symmetric encryption key for the file and stores that key, encrypted with the user’s public key, on the encrypted file.

References:
Dulaney, Emmett and Chuck Easttom, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 418-419.
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 236, 237, 252, 255.