SY0-301 · Question #818
The systems administrator wishes to implement a hardware-based encryption method that could also be used to sign code. They can achieve this by:
The correct answer is A. Utilizing the already present TPM.. A Trusted Platform Module (TPM) is a dedicated hardware chip embedded on the motherboard that provides hardware-based cryptographic functions including key generation, encryption, decryption, and digital signing. TPM can store cryptographic keys securely and is used for disk encr
Question
The systems administrator wishes to implement a hardware-based encryption method that could also be used to sign code. They can achieve this by:
Options
- AUtilizing the already present TPM.
- BConfiguring secure application sandboxes.
- CEnforcing whole disk encryption.
- DMoving data and applications into the cloud.
How the community answered
(32 responses)- A91% (29)
- B3% (1)
- D6% (2)
Explanation
A Trusted Platform Module (TPM) is a dedicated hardware chip embedded on the motherboard that provides hardware-based cryptographic functions including key generation, encryption, decryption, and digital signing. TPM can store cryptographic keys securely and is used for disk encryption (e.g., BitLocker), platform integrity measurement, and code signing - all in hardware, making it resistant to software-based attacks. Option B (application sandboxes) is an isolation technique, not encryption hardware. Option C (whole disk encryption) is a software/policy solution that may use TPM but is not itself a hardware encryption method. Option D (moving to the cloud) offloads resources but does not implement local hardware-based encryption.
Topics
Community Discussion
No community discussion yet for this question.