GIAC
GCFA · Question #307
GCFA Question #307: Real Exam Question with Answer & Explanation
The correct answers are B. Encrypting File System (EFS) and C. Digital certificates.
Question
Based on the case study, to implement more security, which of the following additional technologies should you implement for laptop computers? (Click the Exhibit button on the toolbar to see the case study.) Each correct answer represents a complete solution. Choose two.
Options
- A. PAP authentication
- B. Encrypting File System (EFS)
- C. Digital certificates
- D. Two-factor authentication
- E. Encrypted Data Transmissions
Explanation
EFS and digital certificates address the primary security risks for laptop computers - data-at-rest exposure from theft and weak identity authentication. Other options either introduce vulnerabilities or protect different attack surfaces.
Common mistakes.
- A. PAP (Password Authentication Protocol) transmits credentials in cleartext and provides no protection against eavesdropping, making it a security regression rather than an improvement for laptop authentication.
- D. Two-factor authentication improves logon security but the case study context indicates the primary requirement is data protection at rest and identity assurance via certificates, which two-factor authentication alone does not provide.
- E. Encrypted data transmissions protect data moving over a network but do not protect files stored locally on a laptop drive, leaving the most critical laptop risk - data exposure from physical theft - unaddressed.
Concept tested. Laptop data-at-rest protection using EFS and digital certificates