Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CompTIA Exam SY0-701 Topic 1 Question 9 Discussion

Actual exam question for CompTIA's SY0-701 exam
Question #: 9
Topic #: 1
[All SY0-701 Questions]

A company must ensure sensitive data at rest is rendered unreadable. Which of the following will the company most likely use?

Show Suggested Answer Hide Answer
Suggested Answer: C

Encryption is a method of transforming data in a way that makes it unreadable without a secret key necessary to decrypt the data back into plaintext. Encryption is one of the most common and effective ways to protect data at rest, as it prevents unauthorized access, modification, or theft of the data. Encryption can be applied to different types of data at rest, such as block storage, object storage, databases, archives, and so on. Hashing, tokenization, and segmentation are not methods of rendering data at rest unreadable, but rather of protecting data in other ways. Hashing is a one-way function that generates a fixed-length output, called a hash or digest, from an input, such that the input cannot be recovered from the output. Hashing is used to verify the integrity and authenticity of data, but not to encrypt it. Tokenization is a process that replaces sensitive data with non-sensitive substitutes, called tokens, that have no meaning or value on their own. Tokenization is used to reduce the exposure and compliance scope of sensitive data, but not to encrypt it. Segmentation is a technique that divides a network or a system into smaller, isolated units, called segments, that have different levels of access and security.Segmentation is used to limit the attack surface and contain the impact of a breach, but not to encrypt data at rest.Reference:CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, pages 77-781; Protecting data at rest - Security Pillar3


by Alyce at Mar 07, 2024, 09:48 PM

Limited Time Offer

25%

Off

Get Premium SY0-701 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Sherita
4 days ago
Encryption is the way to go, no doubt about it. Although, I have to say, the idea of segmentation sounds a bit like building a data fortress. 'Keep out, this data is mine!' *laughs*
upvoted 0 times
...
Ula
5 days ago
Yup, encryption is the clear winner in this case. I mean, who wants their sensitive data out there for everyone to read? Not me, that's for sure!
upvoted 0 times
...
Elvera
6 days ago
I agree, encryption is the way to go here. Hashing wouldn't work since it's a one-way process, and tokenization just replaces data with a non-sensitive equivalent. Segmentation is more about isolating data, not making it unreadable.
upvoted 0 times
...
Francisca
7 days ago
This question is definitely testing our knowledge of data protection techniques. Hmm, I think the answer is encryption. It's the most common way to ensure sensitive data at rest is unreadable to unauthorized parties.
upvoted 0 times
...

Save Cancel