SY0-501 · Question #268
SY0-501 Question #268: Real Exam Question with Answer & Explanation
The correct answer is B: Full device encryption. When a laptop is lost or stolen, full device encryption ensures that data remains unreadable to unauthorized parties without the encryption key, directly protecting data confidentiality.
Question
The Chief Executive Officer (CEO) of a major defense contracting company a traveling overseas for a conference. The CEO will be taking a laptop. Which of the following should the security administrator implement to ensure confidentiality of the data if the laptop were to be stolen or lost during the trip?
Options
- ARemote wipe
- BFull device encryption
- CBIOS password
- DGPS tracking
Explanation
When a laptop is lost or stolen, full device encryption ensures that data remains unreadable to unauthorized parties without the encryption key, directly protecting data confidentiality.
Common mistakes.
- A. Remote wipe requires the device to have network connectivity to receive the wipe command, which cannot be guaranteed if the device is stolen and kept offline, making it an unreliable confidentiality control.
- C. A BIOS password prevents unauthorized booting of the device but can be bypassed by physically removing the hard drive and accessing it in another system, so it does not protect the confidentiality of the stored data.
- D. GPS tracking helps locate a lost or stolen device but does not prevent an attacker from accessing or reading the data on the device, so it provides no confidentiality protection.
Concept tested. Data confidentiality through full device encryption
Community Discussion
No community discussion yet for this question.