Certified Information Systems Security Professional (CISSP) — Question 282

Which of the following is an example of a vulnerability of full-disk encryption (FDE)?

Answer options

• A. Data on the device cannot be restored from backup.
• B. Data on the device cannot be backed up.
• C. Data in transit has been compromised when the user has authenticated to the device.
• D. Data at rest has been compromised when the user has authenticated to the device.

Correct answer: D

Explanation

The correct answer, D, highlights that once a user authenticates to a device with full-disk encryption, any data stored on the device can potentially be accessed by an attacker if the device is compromised. Options A and B refer to backup issues, which are not vulnerabilities of FDE itself, while option C relates to data in transit, not data at rest.