A team of firewall administrators have access to a `master password list’ containing service account passwords. Which of the following BEST protects the master
password list?
A.
File encryption
B.
Password hashing
C.
USB encryption
D.
Full disk encryption
Explanation:
File encryption can be used to protect the contents of individual files. It uses randomly generated symmetric encryption keys for the file and stores the key in an
encrypted form using the user’s public key on the encrypted file.Incorrect Answers:
B: Hashing is a form of cryptography that produces a unique identifier known as a hash value. This hash value serves as an ID code to detect when the original
data source has been altered. It, however, does not prevent access to the data.
C: USB encryption is provided by the vendor of the USB device or by a tool from a third party. It is used to encrypt the data on the USB device, ensuring that the
data cannot be accessed in a useable form should the device be stolen or misplaced.
D: Full-disk encryption encrypts the data on the hard drive of the device. This feature ensures that the data cannot be accessed in a useable form should the device
be stolen or misplaced.Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 251- 252, 255, 315-316