Chapter 2 ■ Asset Security (Domain 2) 33
C. Decryption
D. Loss of data integrity
- Full disk encryption like Microsoft’s BitLocker is used to protect data in what state?
A. Data in transit
B. Data at rest
C. Unlabeled data
D. Labeled data
- Sue’s employer has asked her to use an IPsec VPN to connect to its network. When Sue
connects, what does the IPsec VPN allow her to do?
A. Send decrypted data over a public network and act like she is on her employer’s
internal network.
B. Create a private encrypted network carried via a public network and act like she is on
her employer’s internal network.
C. Create a virtual private network using TLS while on her employer’s internal network.
D. Create a tunneled network that connects her employer’s network to her internal home
network - What is the primary purpose of data classification?
A. It quantifies the cost of a data breach.
B. It prioritizes IT expenditures.
C. It allows compliance with breach notification laws.
D. It identifies the value of the data to the organization.
- Fred’s organization allows downgrading of systems for reuse after projects have been
finished and the systems have been purged. What concern should Fred raise about the
reuse of the systems from his Top Secret classified project for a future project classified as
Secret?
A. The Top Secret data may be commingled with the Secret data, resulting in a need to
relabel the system.
B. The cost of the sanitization process may exceed the cost of new equipment.
C. The data may be exposed as part of the sanitization process.
D. The organization’s DLP system may flag the new system due to the difference in data
labels. - Which of the following concerns should not be part of the decision when classifying data?
A. The cost to classify the data
B. The sensitivity of the data
C. The amount of harm that exposure of the data could cause
D. The value of the data to the organization