A company archives personal records on portable media. The security team needs a measure that will keep the records unreadable if that media is taken from the site. Which option offers the strongest defense against unauthorized viewing?
Use volume-level encryption with keys managed outside the storage hardware
Include a hash function for passwords that control file access
Apply a digital signature to the records to confirm their authenticity
Restrict read permissions using local user accounts on the device
Encrypting stored information with dependable ciphers and keys kept away from the device prevents anyone who obtains the hardware from reading it. Merely enforcing operating system permissions or using signatures does not prevent offline attacks, and hashing alone does not conceal data.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is volume-level encryption?
Open an interactive chat with Bash
Why is managing encryption keys outside the storage hardware more secure?
Open an interactive chat with Bash
Why don't operating system permissions or hash functions provide the same level of protection?