nerdexam
EC-Council

312-50V11 · Question #206

What is the most secure way to mitigate the theft of corporate information from a laptop that was left in a hotel room?

The correct answer is B. Encrypt the data on the hard drive.. Full-disk encryption is the only control that prevents an attacker from accessing data on a stolen laptop, regardless of hardware or OS-level bypasses.

Cryptography

Question

What is the most secure way to mitigate the theft of corporate information from a laptop that was left in a hotel room?

Options

  • ASet a BIOS password
  • BEncrypt the data on the hard drive.
  • CUse a strong logon password to the operating system.
  • DBack up everything on the laptop and store the backup in a safe place.

How the community answered

(31 responses)
  • A
    6% (2)
  • B
    90% (28)
  • D
    3% (1)

Why each option

Full-disk encryption is the only control that prevents an attacker from accessing data on a stolen laptop, regardless of hardware or OS-level bypasses.

ASet a BIOS password

A BIOS password prevents unauthorized booting from the device but can be bypassed by removing the hard drive and reading it directly on another system.

BEncrypt the data on the hard drive.Correct

Encrypting the hard drive with full-disk encryption (e.g., BitLocker or similar) renders stored data unreadable without the decryption key, even if the attacker removes the drive and mounts it on another machine. This protection persists independently of any OS-level or BIOS-level controls, which can be circumvented through physical access. It is the most effective control for data-at-rest protection on a stolen endpoint.

CUse a strong logon password to the operating system.

An OS logon password can be circumvented by booting from external media or mounting the drive on a different operating system.

DBack up everything on the laptop and store the backup in a safe place.

Backing up data protects against data loss but does nothing to prevent the attacker from reading the data still present on the stolen laptop.

Concept tested: Full-disk encryption for data-at-rest protection

Source: https://csrc.nist.gov/publications/detail/sp/800-111/final

Topics

#disk encryption#data at rest#laptop security#data protection

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice