A small business owner wants to protect sensitive customer data stored on a laptop that is frequently used on public Wi-Fi networks. The owner is considering implementing a security control that ensures data remains confidential even if the laptop is stolen. Which of the following is the BEST control for this scenario?
Trap 1: Use a VPN when connected to public Wi-Fi
A VPN encrypts network traffic, not data stored on the device.
Trap 2: Install antivirus software
Antivirus protects against malware but does not ensure data confidentiality if the device is stolen.
Trap 3: Require a strong password for user login
A strong password prevents unauthorized login but does not encrypt data at rest.
- A
Use a VPN when connected to public Wi-Fi
Why wrong: A VPN encrypts network traffic, not data stored on the device.
- B
Install antivirus software
Why wrong: Antivirus protects against malware but does not ensure data confidentiality if the device is stolen.
- C
Implement full-disk encryption
Full-disk encryption protects data at rest by encrypting the entire drive, so data is unreadable without the decryption key.
- D
Require a strong password for user login
Why wrong: A strong password prevents unauthorized login but does not encrypt data at rest.