A user in the finance department uses a laptop to store a spreadsheet that contains confidential financial information for the company. Which of the following would be the BEST way to protect the file while the user travels between locations? (Choose two.)
Encrypting the laptop with full disk encryption ensures that all data on the laptop is encrypted, making it inaccessible to unauthorized users if the laptop is lost or stolen. This provides comprehensive protection for all files, including the confidential spreadsheet. Backing up the file to an encrypted flash drive provides a secure backup solution. If the laptop is lost or damaged, the user still has access to the encrypted backup, ensuring that the confidential information is protected and recoverable.
wouldn't you do A and C why B
While this restricts access to certain users, it does not protect the file if the laptop is lost or stolen, as the ACL can potentially be bypassed by gaining physical access to the drive.
This laptop likely belongs solely to the user. None of the other actions make sense, so B is the next best answer.
Encrypting the laptop with full disk encryption (A) and backing up the file to an encrypted flash drive (B) are the best practices to ensure that the confidential financial information stored on the laptop remains protected while the user travels between locations. These measures mitigate the risks associated with theft or loss of the laptop, providing both confidentiality and data availability in transit. While access control lists (ACLs) can restrict access to specific users, they do not protect the file if the laptop is lost or stolen. ACLs are effective for controlling access within a network or filesystem but do not provide sufficient protection in transit or when the device is physically compromised.
I am going to go with A and C. The only reason I don't say B is because how we use the term back up at my job. When we back something up to an external there is still a copy of it on the computer. If they said transfer the file to an encrypted flash drive it would make sense to me to say A and B over C but this is CompTIA where every word in the question matters. I may just be bias let me know what you guys think.
A of course, and B because of the additional backup. While Place an ACL on the file to only allow access to specified users, can restrict who can access the file, it doesn’t protect the data if the laptop is lost or stolen and the file system is accessed by other means.
Yeah but the question doesn't ask about backup, it's asking best options to protect the file. Having the file backed up on a USB just introduces a new way to lose this information.
I think the keyphrase here is "protect the file," meaning how do we ensure CIA on the data in the event that the laptop is lost/stolen/destroyed while traveling. Adding an ACL doesn't really make sense in combination with full drive encryption. If someone is able to decrypt the drive, they can just plug it into another computer and take ownership. I think the backup is the only thing that makes sense as the encryption covers CI and the backup would cover A.
Adding an ACL makes sense for a domain-joined machine--if someone did manage to log onto your device using a service account or guessing a member's password, they still wouldn't be able to get to the file. B doesn't really do anything to protect the file "while traveling." The question suggests that we're worried about data interception, not data destruction. If the question asked to protect the file from destruction while the employee travels, an encrypted backup would make sense. As the question is phrased, A/C are the correct answers.
While ACLs can be part of a security strategy, they are often more effective in controlled and static environments. In the context of a user traveling between locations, the combination of full disk encryption and encrypted backup provides a higher level of security for the confidential financial information on the laptop.
Forgot to vote....
I would say AB because the backup is protecting the file from being lost should something happen to the laptop. C, while not a bad idea, isn't really as necessary with full disk encrypting since a pin will be required to unlock the laptop to even try to log in. So no other user should be able to attempt to log in anyway.
For transporting a file it makes sense for A and B sense if someone takes your laptop and you have access to it that means theyd have access to that file. While if it’s encrypted its at least becomes unreadable without the passcode
Think of the CIA triad. They are worried about Confidentiality protection, specifically in this scenario. Option B provides a solution to Availability. Yes, it's encrypted, and that provides confidentiality for the flash drive, but backing the data up in the first place does not solve the initial issue.
A. Encrypt the laptop with full disk encryption: Full disk encryption ensures that all data on the laptop is encrypted, making it inaccessible to unauthorized users if the laptop is lost or stolen. This provides comprehensive protection for all files, including the confidential spreadsheet. B. Back up the file to an encrypted flash drive: Backing up the file to an encrypted flash drive provides a secure backup solution. If the laptop is lost or damaged, the user still has access to the encrypted backup, ensuring that the confidential information is protected and recoverable.
AC Agreed