Aug 25 • 🙋♂️ CISSP
CISSP Practice Question (Security and Risk Management - Hard):
XYZ Corporation is implementing a new security policy to address data leakage through email communications. The company handles sensitive information that must be protected in transit, and they are concerned about unauthorized data exfiltration. The security team has decided to implement a Data Loss Prevention (DLP) solution integrated with their email gateway. As the security officer, you need to define the policies that must be enforced by the DLP system. Which of the following configuration choices would be the MOST effective in achieving this goal?
Options:
A. Configure the DLP system to monitor outbound emails for patterns matching credit card numbers and encrypt any email containing such patterns.
B. Set up the DLP system to block any outbound email containing attachments with file types such as .doc, .xls, and .pdf.
C Use the DLP system to silently log all outbound emails without enforcing any restrictions to assess the scale of data sent.
D. Implement the DLP system to flag and quarantine emails containing keywords related to sensitive projects before they are sent externally.
Study more at: https://cissp.app
2
8 comments
CISSP Practice Question (Security and Risk Management - Hard):
skool.com/cybersecurity-study-group
Share resources, get advice, and connect with peers studying cybersecurity. Join our CISSP study group and connect with fellow professionals today!
Leaderboard (30-day)
1
+45
2
+17
3
+14
4
+14
5
+11
Powered by