A security administrator must use a strategy to protect the company's data. The security administrator decides to deploy FDE on the end user devices and TLS for all web connections. Which of the following concepts are being used? (Select two).

Rationale

Data in transit and data at rest are the concepts being used.

The security administrator is implementing Full Disk Encryption (FDE) to safeguard data stored on end-user devices, which falls under data at rest, while deploying Transport Layer Security (TLS) protects data as it travels over the web, categorizing it as data in transit.

A (Data segmentation) YOUR ANSWER

Data segmentation refers to the practice of separating data into distinct sections to enhance security and manageability. While this can be part of a broader security strategy, the actions described in the scenario—FDE and TLS—do not directly involve segmenting data but rather focus on securing it in both storage and transmission.

B (Data in transit) CORRECT

Data in transit applies to information actively moving from one location to another, such as across a network. The use of TLS for web connections specifically addresses this concept, ensuring that data transferred over the internet is encrypted and secure from interception during transmission.

C (Data sovereignty) YOUR ANSWER

Data sovereignty relates to the concept that data is subject to the laws and regulations of the country in which it is located. While important for compliance, this concept is not directly relevant to the implementation of FDE and TLS, which focus on encryption and security rather than legal jurisdiction.

D (Data in use) YOUR ANSWER

Data in use refers to information actively being processed or manipulated by applications and users. The measures taken by the administrator—FDE and TLS—primarily focus on protecting data at rest and data in transit, not specifically addressing data that is currently in use.

E (Data at rest) CORRECT

Data at rest pertains to inactive data stored physically in any digital form (e.g., databases, file systems). The deployment of FDE on end-user devices ensures that the data stored on those devices is encrypted, thus protecting it while it is not being accessed or transmitted.

F (Data redundancy) YOUR ANSWER

Data redundancy involves duplicating data to prevent loss and enhance availability. While redundancy is a key aspect of data management strategies, it does not relate to the security measures described, which are focused on encryption rather than data duplication.

Conclusion

In this scenario, the security administrator employs strategies that specifically address data protection during storage and transmission. By implementing FDE, they ensure data at rest is secure, while TLS safeguards data in transit, making these the correct concepts in play. Other options like data segmentation, data sovereignty, data in use, and data redundancy do not directly apply to the strategies being utilized for protecting the company’s data.

A security administrator must use a strategy to protect the company's data. The security administrator decides to deploy FDE on the end user devices and TLS for all web connections. Which of the following concepts are being used? (Select two).

Data in transit and data at rest are the concepts being used.

Related Questions

Related Quizzes

How familiar were you with this question?

Report an Issue

Rate this Practice Test