CompTIA Security Plus Mock Test Q834

Which of the following BEST explains the use of an HSM within the company servers?

A. Thumb drives present a significant threat which is mitigated by HSM.
B. Software encryption can perform multiple functions required by HSM.
C. Data loss by removable media can be prevented with DLP.
D. Hardware encryption is faster than software encryption.

Correct Answer: D
Section: Application, Data and Host Security

Explanation:
Hardware Security Module (HSM) is a cryptoprocessor that can be used to enhance security. It provides a fast solution for the for large asymmetrical encryption calculations and is
much faster than software-based cryptographic solutions.

Incorrect Answers:
A: Hardware Security Module (HSM) is a cryptoprocessor that can be used to enhance security. HSM is usually used in conjunction with PKI to enhance security with certification
authorities (CAs). PKI secures communication. It does not secure thumb drives.
B: Hardware Security Module (HSM) is a cryptoprocessor that can be used to enhance security. HSM is usually used in conjunction with PKI to enhance security with certification
authorities (CAs). It provides encryption functions rather than requiring it.
C: Data loss prevention (DLP) is designed detect and prevent unauthorized access to sensitive information. It may involve content inspection, storage and transmission encryption,
contextual assessment, monitoring authorizations, and centralized management. It can make use of software-based cryptographic solutions, of hardware-based cryptographic
solutions such as HSM.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 238, 278
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 254-255