CompTIA Security+ Question I-17

Which of the following should be enabled in a laptop’s BIOS prior to full disk encryption?

A. USB
B. HSM
C. RAID
D. TPM

Answer: D

Explanation:
Trusted Platform Module (TPM) is a hardware-based encryption solution that is embedded in the system’s motherboard and is enabled or disable in BIOS. It helps with hash key generation and stores cryptographic keys, passwords, or certificates.