A security engineer is implementing FDE for all laptops in an organization. Which of the following are the most important for the engineer to consider as part of the planning process? (Choose two.)
A security engineer is implementing FDE for all laptops in an organization. Which of the following are the most important for the engineer to consider as part of the planning process? (Choose two.)
When implementing Full Disk Encryption (FDE) for laptops, two of the most important considerations are Key escrow and TPM presence. Key escrow is critical because it ensures that encryption keys can be recovered in cases where they are lost or forgotten, maintaining access to encrypted data. TPM presence is significant as it involves having a Trusted Platform Module, a hardware-based security feature that securely stores encryption keys, enhancing the overall security by protecting keys from unauthorized access or tampering.
A. Key escrow B. TPM presence - **Key escrow:** This is important to ensure that encryption keys can be recovered in case they are lost or forgotten. It is a crucial consideration for Full Disk Encryption (FDE) to maintain access to data even if issues arise with the primary encryption keys. - **TPM presence:** Trusted Platform Module (TPM) is a hardware-based security feature that can store encryption keys securely. Ensuring the presence of TPM on laptops enhances the security of FDE by protecting the encryption keys from being accessed or tampered with. Therefore, the most important considerations for the security engineer are: A. Key escrow B. TPM presence
A. Key escrow B. TPM presence
A. Key escrow B. TPM presence
Key escrow is a method of storing encryption keys in a secure location, such as a trusted third party or a hardware security module (HSM). Key escrow is important for FDE because it allows the recovery of encrypted data in case of lost or forgotten passwords, device theft, or hardware failure. Key escrow also enables authorized access to encrypted data for legal or forensic purposes. TPM presence is a feature of some laptops that have a dedicated chip for storing encryption keys and other security information. TPM presence is important for FDE because it enhances the security and
I think E is also correct one
I don't think so that are the correct answers.
this one is tough because public key management is fundamental to full disc ecryption. that being said, key escrow is arguably more important for the following reasons. public key's are used to encrypt the data and the PRIVATE key is used to decrypt the data. once the data is encrypted, i would argue who holds the keys (another department or another 3rd party) is more important than establishing the encryption (because thats kind of the easy part). TPM presence is even more fundamental to FDE than the public key is because without it, you cant even consider FDE. those are my thoughts going with AB for now. please share your thoughts. if i didnt pick AB i'd go BE