SY0-301 · Question #752
To protect corporate data on removable media, a security policy should mandate that all removable devices use which of the following?
The correct answer is A. Full disk encryption. Full disk encryption on removable media ensures that if a device is lost or stolen, the data it contains remains unreadable without the correct decryption key.
Question
To protect corporate data on removable media, a security policy should mandate that all removable devices use which of the following?
Options
- AFull disk encryption
- BApplication isolation
- CDigital rights management
- DData execution prevention
How the community answered
(59 responses)- A86% (51)
- B2% (1)
- C8% (5)
- D3% (2)
Why each option
Full disk encryption on removable media ensures that if a device is lost or stolen, the data it contains remains unreadable without the correct decryption key.
Full disk encryption - such as BitLocker To Go - encrypts every byte stored on a removable device at the hardware or volume level. If the device is lost, stolen, or accessed without authorization, the data is cryptographically protected and unreadable, directly addressing the risk of data exposure from portable media.
Application isolation limits how applications interact with each other or the OS on a host system and provides no protection for data stored on a removable device used outside that host.
Digital rights management controls usage permissions such as copying or printing of specific files, but it does not protect the entire storage volume and can be bypassed if the underlying media is accessed directly.
Data Execution Prevention (DEP) is a memory protection feature that prevents code from executing in non-executable memory regions and has no bearing on protecting data stored on removable media.
Concept tested: Full disk encryption for removable media data protection
Source: https://learn.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-to-go-faq
Topics
Community Discussion
No community discussion yet for this question.