nerdexam
(ISC)2

CISSP · Question #373

When selecting a disk encryption technology, which of the following MUST also be assured to be encrypted?

The correct answer is D. Hibernation file. When implementing disk encryption, the hibernation file must also be encrypted because it contains an exact copy of RAM contents, which can include sensitive data and encryption keys.

Submitted by the_admin· Mar 5, 2026Asset Security

Question

When selecting a disk encryption technology, which of the following MUST also be assured to be encrypted?

Options

  • AMaster Boot Record (MBR)
  • BPre-boot environment
  • CBasic Input Output System (BIOS)
  • DHibernation file

How the community answered

(62 responses)
  • A
    6% (4)
  • B
    11% (7)
  • C
    3% (2)
  • D
    79% (49)

Why each option

When implementing disk encryption, the hibernation file must also be encrypted because it contains an exact copy of RAM contents, which can include sensitive data and encryption keys.

AMaster Boot Record (MBR)

The Master Boot Record is a component that disk encryption solutions like BitLocker typically handle as part of their boot integrity process, but it is not a storage location for sensitive runtime data that would bypass encryption protections.

BPre-boot environment

The pre-boot environment is the execution phase before the OS loads and is managed by the encryption solution itself (e.g., BitLocker's pre-boot authentication), not a data storage location that independently requires separate encryption assurance.

CBasic Input Output System (BIOS)

The BIOS is firmware stored on a chip on the motherboard and does not store user data or memory contents; it is not a target for disk encryption and cannot be encrypted by disk encryption software.

DHibernation fileCorrect

The hibernation file (hiberfil.sys on Windows) stores a complete snapshot of system memory to disk when the system hibernates, which can contain plaintext data, credentials, and even the encryption keys themselves. If the hibernation file is not encrypted, an attacker could extract it from the disk and recover sensitive information even when full disk encryption is in place. Therefore, any disk encryption solution must ensure the hibernation file is included in the encryption scope.

Concept tested: Disk encryption scope including hibernation file

Source: https://learn.microsoft.com/en-us/windows/security/operating-system-security/data-protection/bitlocker/bitlocker-overview

Topics

#Disk encryption#Hibernation file#Data at rest#Data leakage

Community Discussion

No community discussion yet for this question.

Full CISSP Practice