CompTIA Security+ Question G-53

After copying a sensitive document from his desktop to a flash drive, Peter, a user, realizes that the document is no longer encrypted. Which of the following can a security technician implement to ensure that documents stored on Peter’s desktop remain encrypted when moved to external media or other network based storage?

A. Whole disk encryption
B. Removable disk encryption
C. Database record level encryption
D. File level encryption

Answer: D

Encryption is used to ensure the confidentiality of information. In this case you should make use of file level encryption. File level encryption is a form of disk encryption where individual files or directories are encrypted by the file system itself. This is in contrast to full disk encryption where the entire partition or disk, in which the file system resides, is encrypted.