After a routine audit, a company discovers that engineering documents have been leaving the network on a particular port.
The company must allow outbound traffic on this port, as it has a legitimate business use.
Blocking the port would cause an outage.
Which of the following technology controls should the company implement?
Click on the arrows to vote for the correct answer
A. B. C. D.C.
The best technology control for this scenario would be DLP (Data Loss Prevention). DLP can help monitor and prevent sensitive data from leaving the network.
In this case, the engineering documents leaving the network on a particular port can be identified using DLP's content inspection feature. Once the content is identified, the DLP system can take various actions such as blocking the transfer, encrypting the data, or alerting the security team.
NAC (Network Access Control) can control access to the network based on the user and device identity, but it would not be effective in this scenario because the outbound traffic is legitimate.
Web proxies can be used to monitor and control web traffic, but it would not be effective in this scenario as the documents are leaving the network on a particular port, not through a web browser.
ACL (Access Control List) can restrict network traffic based on the IP address or port number, but it would not be a good solution in this scenario as blocking the port would cause an outage and would not be a practical solution.
Therefore, DLP would be the best technology control to monitor and prevent sensitive data from leaving the network on a particular port while allowing legitimate business use.