A company's IT policy requires the protection of sensitive data on employee laptops, especially those taken off premises. Recently, data theft on these devices has become a concern. Which of the following security measures should the company implement to safeguard the laptops?

Rationale

Full disk encryption is the most effective security measure for safeguarding sensitive data on employee laptops.

Full disk encryption ensures that all data stored on a laptop's hard drive is encrypted, making it inaccessible without the proper credentials. This is especially crucial for laptops that are taken off premises, as they are more vulnerable to theft or unauthorized access.

A (Full disk encryption) CORRECT

This choice is the best option because it protects all data on the device by encrypting the entire disk. If a laptop is lost or stolen, the data remains secure as it cannot be accessed without the correct decryption key or password, safeguarding sensitive information effectively.

B (Intrusion detection software) YOUR ANSWER

While intrusion detection software is useful for monitoring and identifying unauthorized access attempts, it does not directly protect data stored on the laptop itself. If a device is stolen, this software will not prevent data breaches, as it focuses on network threats rather than securing data at rest.

C (Biometric authentication) YOUR ANSWER

Biometric authentication enhances security by verifying the identity of the user, but it only controls access to the device. If a laptop is stolen while powered on or if the data is not encrypted, the thief could still access sensitive information, making this measure insufficient on its own.

D (VPN access) YOUR ANSWER

VPN access provides a secure connection to the internet, protecting data in transit. However, it does not encrypt or secure data stored on the laptop itself. If a device is compromised or stolen, any unprotected data on the hard drive remains vulnerable.

Conclusion

To safeguard sensitive data on employee laptops, especially those taken off premises, full disk encryption emerges as the most effective measure. By encrypting all information stored on the device, it ensures that even if a laptop is stolen, the data remains secure and inaccessible. Other measures, while valuable for different aspects of security, do not directly protect data at rest and therefore cannot substitute for the comprehensive protection that full disk encryption offers.

A company's IT policy requires the protection of sensitive data on employee laptops, especially those taken off premises. Recently, data theft on these devices has become a concern. Which of the following security measures should the company implement to safeguard the laptops?

Full disk encryption is the most effective security measure for safeguarding sensitive data on employee laptops.

Related Questions

Related Quizzes

How familiar were you with this question?

Report an Issue

Rate this Practice Test