CompTIA Security+ (SY0-501) — Question 174

Due to regulatory requirements, a security analyst must implement full drive encryption on a Windows file server.
Which of the following should the analyst implement on the system to BEST meet this requirement? (Choose two.)

Answer options

• A. Enable and configure EFS on the file system.
• B. Ensure the hardware supports TPM, and enable it in the BIOS.
• C. Ensure the hardware supports VT-X, and enable it in the BIOS.
• D. Enable and configure BitLocker on the drives.
• E. Enable and configure DFS across the file system.

Correct answer: B, D

Explanation

The correct answers are B and D because BitLocker provides full drive encryption, which meets the regulatory requirement, while TPM enhances security by storing encryption keys securely. Options A and E are incorrect as EFS is not full drive encryption and DFS is related to file sharing rather than encryption. Option C is unrelated as VT-X is for virtualization, not encryption.