Certified Information Systems Auditor (CISA) — Question 1411

Which of the following is the BEST method to safeguard data on an organization's laptop computers?

Answer options

• A. Two-factor authentication
• B. Full disk encryption
• C. Disabled USB ports
• D. Biometric access control

Correct answer: B

Explanation

Full disk encryption is the best method because it ensures that all data on the laptop is encrypted and inaccessible without the proper credentials, even if the device is lost or stolen. While two-factor authentication and biometric access control enhance access security, they do not protect the data itself once access is gained. Disabling USB ports may prevent data exfiltration but does not secure the data stored on the laptop.