Which of the following controls best helps protect legal documents stored on a company file server (data at rest) by ensuring they remain unreadable to unauthorized users?
Apply a confidentiality label to the documents in the document-management system.
Encrypt the documents using an industry-standard algorithm and proper key management.
Mask the document filenames to hide their purpose.
Hash each document with SHA-256 to detect changes.
Encrypting data converts readable information into ciphertext that can only be returned to plaintext with the proper decryption key. This preserves confidentiality even if an attacker gains access to the storage medium. Hashing detects changes but does not hide content, masking filenames only obscures metadata, and simply labeling data as confidential does not technically prevent disclosure.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does it mean for data to be 'at rest'?
Open an interactive chat with Bash
What are the key benefits of encrypting legal documents?
Open an interactive chat with Bash
What types of encryption are commonly used to protect data at rest?