Exam 220-1101 topic 1 question 381 discussion

The best option to help the administrator secure the corporate resources is B. Biometric scanner. A biometric scanner is a device that can authenticate a user’s identity based on their physical or behavioral characteristics, such as fingerprint, iris, face, voice, or signature. A biometric scanner can provide a high level of security and convenience for accessing corporate laptops, as it can prevent unauthorized users from accessing the devices and eliminate the need to remember passwords .

Not sure why there's so much debate on this. The issue at hand is preventing unauthorized users, biometrics is a no brainer as it provides a second factor of authentication. TPM does not verify users Encryption does not verify users

doesn't it say "limited to authorized users"... I think the answer should be B

My first thought was Biometrics. But when I went further to ask Windows Copilot, it gave this response: To further secure corporate resources on laptops and ensure access is limited to authorized users, especially after implementing a password policy, the best option would be: A. Trusted Platform Module (TPM): This is a hardware-based security feature that can manage encryption keys, thus providing a higher level of security than software-based solutions. It can help in securing the boot process and safeguarding data by integrating with system-level security measures.

The key word is "protect corporate resources", the systems administrator has already implemented a password policy, therefore he is not looking for security but rather to protect resources such as data, in this case the option is d. encryption

A systems administrator is working to ensure access to corporate laptops is limited to authorized users. The administrator has already implemented a password policy. Which of the following would be the best option to help the administrator secure the corporate resources? I think it is best to answer the question as it is. Sys admin is working to "ensure limited to authorized users." so this question topic seem like it asking authentication. Since Sys admin added a password policy, Biometric scanner will improved security thus MFA. Yes encryption will help secured the company resources but threat actor was about to just able to log in your account. Encryption won't really do much if they have control access to admin account. Not sure who in CompTIA wrote these question because all the question I been reading are very confusing and not clear.

D. Encryption Implementing encryption is a crucial measure to help secure corporate resources on laptops. Encryption ensures that even if a device is lost or stolen, the data on the device remains protected. It encrypts the data, making it unreadable without the proper decryption key. While options A (Trusted Platform Module) and B (Biometric scanner) also contribute to security, they serve different purposes: Trusted Platform Module (TPM): Provides a secure storage area for cryptographic keys and offers hardware-based security features. Biometric scanner: Uses physiological or behavioral characteristics for user authentication, such as fingerprints or facial recognition. It's an additional layer of authentication but doesn't directly protect the data stored on the device. Option C (Laptop lock) is a physical security measure that helps prevent theft but does not protect the data on the laptop.

B would be my answer

Encryption is a crucial security measure that helps protect sensitive data on laptops and other devices. It ensures that even if a laptop is stolen or accessed by unauthorized individuals, the data remains confidential and unreadable without the appropriate decryption key. Implementing full-disk encryption or file-level encryption on laptops is a recommended security practice to protect corporate resources.

...limited to authorized users. The administrator has already implemented a password policy. Encryption is not password policy.

I think is D cuz he’s need help for secure the information