CAS-005 · Question #403
CAS-005 Question #403: Real Exam Question with Answer & Explanation
The correct answer is B: Cryptographically erase FDE volumes. Cryptographically erasing FDE (Full Disk Encryption) volumes is the most effective way to mitigate data loss within seconds. It renders the encrypted data inaccessible by destroying the encryption key, which can be done instantly and remotely, meeting the hospital’s objective wit
Question
A hospital provides tablets to its medical staff to enable them to more quickly access and edit patients' charts. The hospital wants to ensure that if a tablet is identified as lost or stolen and a remote command is issued, the risk of data loss can be mitigated within seconds. The tablets are configured as follows to meet hospital policy: - Full disk encryption is enabled. - "Always On" corporate VPN is enabled. - eFuse-backed keystore is enabled/ready. - Wi-Fi 6 is configured with SAE. - Location services is disabled. - Application allow list is unconfigured. Assuming the hospital policy cannot be changed, which of the following is the best way to meet the hospital's objective?
Options
- ARevoke the user VPN and Wi-Fi certificates
- BCryptographically erase FDE volumes
- CIssue new MFA credentials to all users
- DConfigure the application allow list
Explanation
Cryptographically erasing FDE (Full Disk Encryption) volumes is the most effective way to mitigate data loss within seconds. It renders the encrypted data inaccessible by destroying the encryption key, which can be done instantly and remotely, meeting the hospital’s objective without requiring changes to existing policy.
Community Discussion
No community discussion yet for this question.