CISSP · Question #1393
Which of the following is an example of a vulnerability of full-disk encryption (FDE)?
The correct answer is A. Data at rest has been compromised when the user has authenticated to the device.. Full-disk encryption (FDE) is a security technique that encrypts the entire hard drive of a device or system, protecting the data at rest from unauthorized access, disclosure, or modification. However, FDE has a vulnerability that data at rest has been compromised when the user h
Question
Which of the following is an example of a vulnerability of full-disk encryption (FDE)?
Options
- AData at rest has been compromised when the user has authenticated to the device.
- BData on the device cannot be restored from backup.
- CData in transit has been compromised when the user has authenticated to the device.
- DData on the device cannot be backed up.
How the community answered
(23 responses)- A83% (19)
- B4% (1)
- C9% (2)
- D4% (1)
Explanation
Full-disk encryption (FDE) is a security technique that encrypts the entire hard drive of a device or system, protecting the data at rest from unauthorized access, disclosure, or modification. However, FDE has a vulnerability that data at rest has been compromised when the user has authenticated to the device, which means that once the user enters the correct password or credentials to boot up the device or system, the data on the hard drive is decrypted and accessible to anyone who has physical access to the device or system, such as a thief or an attacker. This vulnerability can be exploited by using cold boot attacks, evil maid attacks, or other methods that target the device or system when it is powered on or in sleep mode.
Topics
Community Discussion
No community discussion yet for this question.