Chapter 4 Flashcards
True or False? Encryption should never be the only control in place to protect data.
True
Hajar is a system administrator for a defense contractor. She seeks to encrypt sensitive business files for traveling employees. Each employee is given USB drive encrypted with a password at the beginning of their trip, containing only the files they will need. What encryption method and tool does Hajar use?
- Encrypting File System (EFS) file encryption
- BitLocker Drive Encryption
- Encrypting File System (EFS) folder encryption
- BitLocker To Go
BitLocker To Go
True or False? A Trusted Platform Module (TPM) is a microchip.
True
What happens if encryption starts by using asymmetric encryption to exchange a symmetric key, given the organizations cannot absolutely verify their identity?
Data transfer starts insecurely but is exchanged most quickly.
True or False? The Encrypting File System (EFS) does not require special hardware.
True
Which of the following encrypts entire volumes and normally uses a computer’s Trusted Platform Module (TPM) hardware to store encryption keys?
BitLocker
What is the best solution for securing network traffic between two application servers with specific open ports?
VPN using Layer 2 Tunneling Protocol (L2TP)
True or False? All BitLocker authentication modes are considered transparent operations.
False
Chris, a security architect, has decided to adopt public key infrastructure (PKI) for a more formal approach to securely handling keys in a medium-sized organization. Chris’s system will initiate a connection to a target system. During the PKI process, which of the following allows Chris’s system to get the target’s public key?
- Private key of trusted entity
- Private key of trusted target
- Public key of a registration authority
- Public key of a trusted entity
Public key of a trusted entity
Why is it recommended to use folder encryption rather than file-level encryption with EFS?
- Data are encrypted before being stored on the disk but backed up in a plaintext file.
- File-level EFS cannot encrypt plaintext files.
- When file-level EFS encrypts plaintext files on a disk, the files are deleted but readable traces of the files are left behind.
- EFS is incapable of encrypting any data at the file level.
When file-level EFS encrypts plaintext files on a disk, the files are deleted but readable traces of the files are left behind.
True or False? In Encrypting File System (EFS), each user must choose to enable encryption for specific files or folders.
True
True or False? Because BitLocker Drive Encryption encrypts entire volumes, only administrators can enable or disable encryption.
True
True or False? BitLocker is enabled by default on Windows Server 2022: Azure Datacenter cloud-hosted systems.
True
True or False? Encryption provides confidentiality and availability of data.
False
True or False? A virtual private network (VPN) exists between a client and a server or between two servers.
True
It is considered a best practice to __________ prior to encrypting with BitLocker.
make a backup of your data or disk drives
How many characters are in the BitLocker recovery password key?
48 characters
Which tool encrypts entire drives, rendering them unusable unless one possesses the correct key to unlock the drive?
BitLocker
Within a Microsoft Windows environment, who has access rights to the Encrypting File System (EFS) features and functions?
* Only the creator of the EFS file
* Only the domain administrator
* Both the creator of the EFS file and the domain administrator
* All users who desire access to the EFS file
Both the creator of the EFS file and the domain administrator
Which of the following is an encryption tool that allows users to encrypt files and folders by right-clicking a given object?
Encrypting File System (EFS)
What is the most likely outcome if both sets of encryption keys are damaged or lost?
The data cannot be decrypted.
True or False? A code signing digital certificate identifies an individual and is commonly used with electronic signatures.
True
True or False? Transport Layer Security (TLS) was formerly called Advanced Encryption Standard (AES).
False
True or False? Transport Layer Security (TLS) creates an encrypted tunnel between a web client and a web server.
True
