Full disk encryption is a security control that protects data stored on devices such as laptops, desktops, and servers by encrypting the entire hard disk. If a device is stolen or lost, the encrypted data on the disk cannot be accessed without the appropriate decryption key or password.
Physical theft of media on which information is stored is a common threat to the confidentiality and integrity of organizational data. By implementing policies and procedures related to full disk encryption, organizations can prevent unauthorized access to sensitive data in the event of a physical theft of a device containing the data.
While policies and procedures related to full disk encryption may help prevent other risk scenarios, such as data leakage and unauthorized logical access, other security controls, such as access controls and data loss prevention, are better suited to address these scenarios. Policies and procedures related to full disk encryption are typically implemented to address the risk of physical theft of media on which information is stored.
upvoted 4 times
...
This section is not available anymore. Please use the main Exam Page.CISA Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
SRJ13
7 months, 2 weeks ago