CompTIA CySA+ Exam: Preventing Data Spillage

Preventing Data Spillage

Question

Data spillage occurred when an employee accidentally emailed a sensitive file to an external recipient.

Which of the following controls would have MOST likely prevented this incident?

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

B.

https://greenlightcorp.com/blog/cyber-security-solutions-data-spillage-and-how-to-create-an-after-incident-to-do-list/

The control that would MOST likely have prevented the incident of data spillage occurring when an employee accidentally emailed a sensitive file to an external recipient is Data Loss Prevention (DLP).

Data Loss Prevention (DLP) is a set of technologies and processes designed to identify, monitor, and protect data in use, in transit, and at rest. DLP solutions can help organizations prevent sensitive data from being disclosed to unauthorized individuals or entities.

DLP solutions can detect and prevent data loss by using content analysis and contextual analysis. Content analysis involves examining the content of data to identify sensitive information, such as credit card numbers or Social Security numbers. Contextual analysis involves examining the context of data, such as user behavior or network traffic patterns, to identify potential data loss risks.

In the scenario described, DLP could have been used to prevent the employee from sending the sensitive file to an external recipient. DLP could have identified the sensitive data in the email and prevented it from being sent outside the organization. Alternatively, DLP could have alerted the employee to the sensitive nature of the file and prompted them to take extra precautions before sending it.

SSO (Single Sign-On) is a system that enables users to access multiple applications with a single set of login credentials. While SSO can help streamline authentication and access management, it would not have prevented the accidental email of sensitive data.

WAF (Web Application Firewall) is a security solution that monitors and filters incoming web traffic to protect against attacks. While WAF can help protect against web-based attacks, it would not have prevented the accidental email of sensitive data.

VDI (Virtual Desktop Infrastructure) is a virtualization technology that enables users to access a desktop environment from a remote location. While VDI can help protect against data loss by keeping data within the organization's network, it would not have prevented the accidental email of sensitive data.