Here’s the Answer to the Question posted on Facebook
Q. Your organization recently purchased several new laptop computers for employees. You’re asked to encrypt the laptop’s hard drives without purchasing any additional hardware. What would you use?
C. VM escape
Answer available until June 17, 2015.
|Get over 400 Security+ (SY0-401 questions here).|
[DAP publicUntil=”2015-6-17″ hasAccessTo=”56″ errMsgTemplate=”SHORT”]
Answer. A is correct. A Trusted Platform Module (TPM) is included in many new laptops and it provides a mechanism for vendors to perform hard drive encryption.
Because the TPM components are included, this solution does not require purchasing additional hardware.
An HSM is a removable hardware device and is not included with laptops, so it requires an additional purchase.
A VM escape attack runs on a virtual system, and if successful, it allows the attacker to control the physical host server and all other virtual servers on the physical server.
A network-based data loss prevention (DLP) system can examine and analyze network traffic and detect if confidential company data is included.
Objective: 4.4 Implement the appropriate controls to ensure data security.[/DAP]
See Chapter 5 of the CompTIA Security+: Get Certified Get Ahead: SY0-401 Study Guide.
Widget not in any sidebars