What is full disk encryption (FDE)?
D5 ยท Crypto ยท CompTIA Security+ SY0-701Full disk encryption (FDE) encrypts all data on a storage device โ OS, applications, and user data โ so it is unreadable without the correct key or credentials.
Solutions: BitLocker (Windows, uses TPM), FileVault (macOS), LUKS (Linux), VeraCrypt (cross-platform).
FDE protects data at rest โ the encryption is transparent when the device is unlocked and in use.
Solutions: BitLocker (Windows, uses TPM), FileVault (macOS), LUKS (Linux), VeraCrypt (cross-platform).
FDE protects data at rest โ the encryption is transparent when the device is unlocked and in use.
FDE is the answer when a question asks how to protect data on a lost or stolen laptop. It protects data at rest. Note: FDE does NOT protect data in transit (that's TLS) or data in use. TPM + FDE = key tied to hardware, preventing boot on another machine.