CompTIA
SY0-301 · Question #135
SY0-301 Question #135: Real Exam Question with Answer & Explanation
The correct answer is B: Clear text access. Full disk encryption ensures all data written to a disk is encrypted, so if the drive is removed or accessed outside the normal boot process, no data can be read in clear text. It does not protect against network, application, or runtime attacks.
Question
Which of the following does full disk encryption prevent?
Options
- AClient side attacks
- BClear text access
- CDatabase theft
- DNetwork-based attacks
Explanation
Full disk encryption ensures all data written to a disk is encrypted, so if the drive is removed or accessed outside the normal boot process, no data can be read in clear text. It does not protect against network, application, or runtime attacks.
Common mistakes.
- A. Client-side attacks target application logic, browser vulnerabilities, or user-side scripts and are not mitigated by disk encryption, which only protects data at rest.
- C. Full disk encryption does not prevent database theft in the sense that an authenticated user with database access can still query and exfiltrate data - it only protects the raw disk sectors from offline access.
- D. Network-based attacks exploit services and protocols over the network and are unrelated to disk encryption, which operates at the storage layer.
Concept tested. Full disk encryption protection scope - data at rest
Community Discussion
No community discussion yet for this question.