PCCET Question #42: Real Exam Question with Answer & Explanation

The correct answer is B: full-disk encryption. If a laptop is physically stolen, the attacker has direct access to the storage hardware and can bypass the OS login entirely by booting from an external drive or removing the disk. Full-disk encryption (e.g., BitLocker on Windows, FileVault on macOS) renders all data on the disk

Submitted by hassan_iq· Apr 18, 2026Endpoint Security

Question

On an endpoint, which method is used to protect proprietary data stored on a laptop that has been stolen?

Options

Aoperating system patches
Bfull-disk encryption
Cperiodic data backups
Dendpoint-based firewall

Explanation

If a laptop is physically stolen, the attacker has direct access to the storage hardware and can bypass the OS login entirely by booting from an external drive or removing the disk. Full-disk encryption (e.g., BitLocker on Windows, FileVault on macOS) renders all data on the disk unreadable without the correct decryption key, protecting proprietary data even when physical possession is lost. OS patches reduce software vulnerabilities but don't protect data on a stolen device. Periodic backups protect against data loss but not unauthorized access. An endpoint-based firewall controls network traffic but offers no protection against local physical access to the disk.

Topics

#Full-disk encryption#Data protection#Endpoint security#Data at rest

Community Discussion

No community discussion yet for this question.

Full PCCET Practice Browse All PCCET Questions