A company archives personal records on portable media. The security team needs a measure that will keep the records unreadable if that media is taken from the site. Which option offers the strongest defense against unauthorized viewing?
Include a hash function for passwords that control file access
Apply a digital signature to the records to confirm their authenticity
Use volume-level encryption with keys managed outside the storage hardware
Restrict read permissions using local user accounts on the device
Encrypting stored information with dependable ciphers and keys kept away from the device prevents anyone who obtains the hardware from reading it. Merely enforcing operating system permissions or using signatures does not prevent offline attacks, and hashing alone does not conceal data.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is volume-level encryption and how does it work?
Open an interactive chat with Bash
Why are keys managed outside the storage hardware important?
Open an interactive chat with Bash
How are offline attacks prevented by volume-level encryption?