CompTIA Security+ SY0-701 Practice Question
Your organization is rolling out a new line of laptops to employees who handle sensitive data. These devices will be storing encryption keys, digital certificates, and passwords. The IT department is required to ensure that the keys used for disk encryption are stored in a way that is resistant to tampering and can provide platform integrity verification. What embedded solution on the laptops should be utilized to achieve this level of security?
Implement a Secure Enclave within the laptop's central processing unit.
Use the Trusted Platform Module (TPM) on the laptops.
Apply a Key Management System for all user credentials.
Integrate a separate Hardware Security Module (HSM) for each laptop.