You are configuring a company executive's laptop, which will hold highly confidential project documentation. To align with corporate security guidelines, which method should you use to ensure the confidentiality of the data if the laptop is misplaced or stolen?
Enable BitLocker Drive Encryption leveraging the onboard TPM security hardware.
Implement folder-specific encryption to isolate and protect individual directories.
Use software-based encryption to create an encrypted container for personal files.
Set a BIOS/UEFI password in conjunction with a secure boot-up process.
Turning on a hardware-based encryption solution such as a Trusted Platform Module (TPM) with BitLocker ensures optimal protection by leveraging the TPM's security capabilities along with BitLocker's encryption strength, rendering the data on the laptop inaccessible if it falls into the wrong hands without the necessary authentication. While enabling software-based encryption and BIOS/UEFI passwords can enhance security, they do not offer the same level of integrated protection as TPM with BitLocker, which is specifically designed for scenarios where high-level security is paramount. Encrypting personal files, though useful, would leave other areas of the disk vulnerable which could contain temporary or cached files with sensitive data.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is BitLocker Drive Encryption and how does it work?
Open an interactive chat with Bash
What is a Trusted Platform Module (TPM) and why is it important for encryption?
Open an interactive chat with Bash
What are the risks of not using hardware-based encryption like BitLocker?