nerdexam
EC-Council

312-50V10 · Question #206

What is the most secure way to mitigate the theft of corporate information from a laptop that was left in a hotel room?

The correct answer is B. Encrypt the data on the hard drive.. Full disk encryption is the strongest control against data theft from a stolen laptop because it renders all stored data cryptographically unreadable even if the drive is physically removed.

Cryptography

Question

What is the most secure way to mitigate the theft of corporate information from a laptop that was left in a hotel room?

Options

  • ASet a BIOS password
  • BEncrypt the data on the hard drive.
  • CUse a strong logon password to the operating system.
  • DBack up everything on the laptop and store the backup in a safe place.

How the community answered

(57 responses)
  • A
    9% (5)
  • B
    86% (49)
  • C
    4% (2)
  • D
    2% (1)

Why each option

Full disk encryption is the strongest control against data theft from a stolen laptop because it renders all stored data cryptographically unreadable even if the drive is physically removed.

ASet a BIOS password

A BIOS password can be bypassed by removing the CMOS battery to reset firmware settings, or by physically extracting the hard drive and connecting it to a different machine.

BEncrypt the data on the hard drive.Correct

Encrypting the hard drive with a solution such as BitLocker ensures all data at rest is protected by cryptographic keys, making it unreadable to anyone without the correct credentials or recovery key. Unlike software-based access controls, encryption cannot be bypassed by booting from external media or transplanting the drive to another system. This directly and technically neutralizes the threat posed by physical theft of the hardware.

CUse a strong logon password to the operating system.

An OS logon password can be circumvented by booting from external media such as a USB drive, granting direct filesystem access without any authentication.

DBack up everything on the laptop and store the backup in a safe place.

Backing up data protects against data loss but does nothing to prevent an attacker from reading the original unencrypted data remaining on the stolen laptop.

Concept tested: Full disk encryption for data protection at rest

Source: https://learn.microsoft.com/en-us/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-overview

Topics

#disk encryption#data protection#laptop security#data at rest

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice