nerdexam
ExamsCAS-001Questions#510
CompTIA

CAS-001 · Question #510

CAS-001 Question #510: Real Exam Question with Answer & Explanation

The correct answer is B: Full disk encryption. The primary risk here is physical loss or theft of a laptop while outside the corporate perimeter. Since applications require local caches of sensitive PII data, that data exists on the disk in plaintext unless protected. Full Disk Encryption (FDE) ensures that even if a device i

Question

A security auditor is conducting an audit of a corporation where 95% of the users travel or work from non-corporate locations a majority of the time. While the employees are away from the corporate offices, they retain full access to the corporate network and use of corporate laptops. The auditor knows that the corporation processes PII and other sensitive data with applications requiring local caches of any data being manipulated. Which of the following security controls should the auditor check for and recommend to be implemented if missing from the laptops?

Options

  • ATrusted operating systems
  • BFull disk encryption
  • CHost-based firewalls
  • DCommand shell restrictions

Explanation

The primary risk here is physical loss or theft of a laptop while outside the corporate perimeter. Since applications require local caches of sensitive PII data, that data exists on the disk in plaintext unless protected. Full Disk Encryption (FDE) ensures that even if a device is stolen, the data remains unreadable without the decryption credentials. Trusted operating systems (A) help with OS integrity but don't protect cached data from physical access. Host-based firewalls (C) protect against network-based attacks, not physical theft. Command shell restrictions (D) limit what users can do on the OS but don't protect data at rest. FDE directly addresses the confidentiality risk of sensitive data leaving the corporate boundary on mobile hardware.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CAS-001 Practice