CAS-003 · Question #498
CAS-003 Question #498: Real Exam Question with Answer & Explanation
The correct answer is A: Full disk encryption. Full disk encryption (FDE), such as BitLocker on Windows, encrypts all data on the laptop's storage drive. If the laptop is physically stolen, the data remains completely inaccessible without the encryption key/password, even if the drive is removed and placed in another machine.
Question
Options
- AFull disk encryption
- BBiometric authentication
- CAn eFuse-based solution
- DTwo-factor authentication
Explanation
Full disk encryption (FDE), such as BitLocker on Windows, encrypts all data on the laptop's storage drive. If the laptop is physically stolen, the data remains completely inaccessible without the encryption key/password, even if the drive is removed and placed in another machine. Critically, once FDE is set up, it is transparent to the user during normal operation - Ann simply uses the laptop as usual. This minimizes user training requirements while providing strong protection against the specific threat: theft of an unattended device. Biometric authentication (B) controls access to the OS login but does not protect data if the drive is removed. An eFuse-based solution (C) is typically an anti-tamper mechanism to brick hardware, complex to implement and not a standard enterprise approach. Two-factor authentication (D) strengthens login security but requires user interaction and training and does not protect data from drive-level access.
Community Discussion
No community discussion yet for this question.