They can achieve this by:

The systems administrator wishes to implement a hardware-based encryption method that could also be used to sign code. They can achieve this by:

The systems administrator wishes to implement a hardware-based encryption method that could also be used to sign code. They can achieve this by:

A.
Utilizing the already present TPM.
Thumb drives present a significant threat which is mitigated by HSM.

B.
Configuring secure application sandboxes.
Software encryption can perform multiple functions required by HSM.

C.
Enforcing whole disk encryption.
Data loss by removable media can be prevented with DLP.

D.
Moving data and applications into the cloud.
Moving data and applications to the cloud does not ensure that the data or applications are encrypted in its new location.
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 204-205, 237
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 250
QUESTION 384
Which of the following BEST explains the use of an HSM within the company servers?
Hardware encryption is faster than software encryption.

D.
Moving data and applications into the cloud.
Moving data and applications to the cloud does not ensure that the data or applications are encrypted in its new location.
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 204-205, 237
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 250
QUESTION 384
Which of the following BEST explains the use of an HSM within the company servers?
Hardware encryption is faster than software encryption.

A.
Utilizing the already present TPM.
Thumb drives present a significant threat which is mitigated by HSM.

B.
Configuring secure application sandboxes.
Software encryption can perform multiple functions required by HSM.

C.
Enforcing whole disk encryption.
Data loss by removable media can be prevented with DLP.

D.
Moving data and applications into the cloud.
Moving data and applications to the cloud does not ensure that the data or applications are encrypted in its new location.
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 204-205, 237
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 250
QUESTION 384
Which of the following BEST explains the use of an HSM within the company servers?
Hardware encryption is faster than software encryption.

Explanation:
Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disable in BIOS. It helps
with hash key generation and stores cryptographic keys, passwords, or certificates.
Incorrect Answers:
B: Sandboxing is the process of isolating a system before installing new applications on it so as to restrict any potential harm it may cause to production systems.
C: Whole disk encryption can be implemented by either a software-based cryptography solutions or by a hardware based solution such as a Trusted Platform
Module (TPM) or a Hardware Security Module (HSM).

Hardware Security Module (HSM) is a cryptoprocessor that can be used to enhance security. It provides a fast solution for the for large asymmetrical encryption
calculations and is much faster than software-based cryptographic solutions.
Incorrect Answers:
A: Hardware Security Module (HSM) is a cryptoprocessor that can be used to enhance security. HSM is usually used in conjunction with PKI to enhance security
with certification authorities (CAs). PKI secures communication. It does not secure thumb drives.
B: Hardware Security Module (HSM) is a cryptoprocessor that can be used to enhance security. HSM is usually used in conjunction with PKI to enhance security
with certification authorities (CAs). It provides encryption functions rather than requiring it.
C: Data loss prevention (DLP) is designed detect and prevent unauthorized access to sensitive information. It may involve content inspection, storage and
transmission encryption, contextual assessment, monitoring authorizations, and centralized management. It can make use of software-based cryptographic
solutions, of hardware-based cryptographic solutions such as HSM.

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, Sixth Edition, Sybex, Indianapolis, 2014, pp 238, 278
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp 254-



Leave a Reply 0

Your email address will not be published. Required fields are marked *