Which of the following statements BEST explains why a network firewall alone cannot provide the same level of protection as encryption for data stored on a network file server?
Neither firewalls nor encryption protect data at rest; only physical security controls such as locks and guards can do so.
Encryption secures data moving across the network, whereas a firewall secures all data that resides on the server's drives.
A properly configured firewall automatically encrypts any files transmitted or stored behind it, eliminating the need for separate data-at-rest encryption.
A firewall enforces access rules for network traffic, but only encryption renders the stored data unreadable to unauthorized users, so both controls are required to protect data at rest.
A firewall filters or blocks network traffic according to predefined rules, helping to prevent unauthorized access over the network. It does not transform the actual data on the server. If an attacker bypasses the firewall-through stolen credentials, an insider threat, or physical access-the files remain readable unless they are encrypted. Encrypting the disk, volume, or files converts them into ciphertext that is unintelligible without the decryption key, preserving confidentiality even if the storage media is stolen or the system is compromised. Therefore, encryption-not the firewall-provides protection for data at rest.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why doesn't a firewall encrypt data?
Open an interactive chat with Bash
What is 'data at rest,' and how does encryption protect it?
Open an interactive chat with Bash
How might an attacker bypass a firewall, and why does encryption matter in that situation?