CompTIA Security Plus Mock Test Q833

The systems administrator wishes to implement a hardware-based encryption method that could also be used to sign code. They can achieve this by:

A. Utilizing the already present TPM.
B. Configuring secure application sandboxes.
C. Enforcing whole disk encryption.
D. Moving data and applications into the cloud.

Correct Answer: A
Section: Application, Data and Host Security

Explanation:
Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disable in BIOS. It helps with hash key
generation and stores cryptographic keys, passwords, or certificates.

Incorrect Answers:
B: Sandboxing is the process of isolating a system before installing new applications on it so as to restrict any potential harm it may cause to production systems.
C: Whole disk encryption can be implemented by either a software-based cryptography solutions or by a hardware based solution such as a Trusted Platform Module (TPM) or a
Hardware Security Module (HSM).
D. Moving data and applications to the cloud does not ensure that the data or applications are encrypted in its new location.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 204-205, 237
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 250