A company that has been breached multiple times is looking to protect cardholder data.
The previous undetected attacks all mimicked normal administrative-type behavior.
The company must deploy a host solution to meet the following requirements:
- Detect administrative actions
- Block unwanted MD5 hashes
- Provide alerts
- Stop exfiltration of cardholder data

Which of the following solutions would BEST meet these requirements? (Choose two.)
A. B. C. D. E. F.
Correct answer: BD.
Out of the given options, the two best solutions that can meet the requirements of detecting administrative actions, blocking unwanted MD5 hashes, providing alerts, and stopping exfiltration of cardholder data are EDR (Endpoint Detection and Response) and DLP (Data Loss Prevention).
EDR is a cybersecurity solution that provides continuous monitoring of and response to endpoint activity. It collects and analyzes endpoint data to detect potential threats and responds to them in real time. EDR can detect administrative actions and provide alerts whenever it detects unusual or suspicious behavior. It can also stop the exfiltration of cardholder data by blocking any unauthorized transfer of data from the endpoints. However, EDR may not be able to block unwanted MD5 hashes, which is one of the requirements.
DLP is another cybersecurity solution that is designed to protect sensitive data from unauthorized access, use, disclosure, or exfiltration. DLP solutions can monitor and control the movement of data across networks, endpoints, and storage devices. DLP can detect and block unwanted MD5 hashes and provide alerts whenever it detects any attempt to access or transfer sensitive data. DLP can also stop the exfiltration of cardholder data by blocking any unauthorized transfer of data. However, DLP may not be able to detect administrative actions, which is one of the requirements.
Therefore, the best combination of solutions to meet all the requirements would be EDR and DLP. This combination can provide complete endpoint protection by detecting administrative actions, blocking unwanted MD5 hashes, providing alerts, and stopping exfiltration of cardholder data.