CompTIA Security Plus Mock Test Q841

The act of magnetically erasing all of the data on a disk is known as:

A. Wiping
B. Dissolution
C. Scrubbing
D. Degaussing


Correct Answer: D
Section: Application, Data and Host Security

Explanation:
Degaussing is a form a data wiping that entails the use of magnets to alter the magnetic structure of the storage medium.

Incorrect Answers:
A: Data wiping is the process of securely removing data remnants from a storage device so that the data cannot be recovered. This is usually done when a device is to be disposed or
can be done remotely, when a mobile device is stolen.
B, C: Dissolution and scrubbing are not related to erasing data on a disk.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 256
http://pcsupport.about.com/od/toolsofthetrade/tp/erase-hard-drive.htm

CompTIA Security Plus Mock Test Q827

Which of the following should be enabled in a laptop’s BIOS prior to full disk encryption?

A. USB
B. HSM
C. RAID
D. TPM

Correct Answer: D
Section: Application, Data and Host Security

Explanation:
Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disable in BIOS. It helps with hash key
generation and stores cryptographic keys, passwords, or certificates.

Incorrect Answers:
A: USB support can be enabled or disabled in a system’s BIOS but it is not required for full-disk encryption.
B: Hardware Security Module (HSM) hardware-based encryption solution that is usually used in conjunction with PKI to enhance security with certification authorities (CAs). It is
available as an expansion card and can cryptographic keys, passwords, or certificates. As HSM is not embedded in the motherboards, it is not enabled or disable in BIOS.
C: Random Array of Independent Disks (RAID) is a fault-tolerant storage solution that consists of two or more hard disks. It is not required for full-disk encryption.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 237, 238

CompTIA Security Plus Mock Test Q809

Which of the following does full disk encryption prevent?

A. Client side attacks
B. Clear text access
C. Database theft
D. Network-based attacks


Correct Answer: B
Section: Application, Data and Host Security

Explanation:
Full-disk encryption encrypts the data on the device. This feature ensures that the data on the device cannot be accessed in a useable form should the device be stolen.

Incorrect Answers:
A, D: Full-disk encryption encrypts the data on the device itself and ensures that the data on the device cannot be accessed in a useable form should the device be stolen. It does not
prevent client-side or network-based attacks.
C: Full-disk encryption encrypts the data on the device itself. It may help prevent access to database data but database encryption would be the preferred method of protecting
database data.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 251-252