ISC2 Systems Security Certified Practitioner (SSCP) Practice Question
An enterprise wants to stop staff from uploading credit-card data to unauthorized cloud storage over HTTPS. The network already has a TLS-terminating proxy, a next-gen firewall, and a SPAN feed to a passive IDS. When adding a network-based DLP that must block violations in real time, which requirement is MOST critical for accurate detection and prevention?
Feed NetFlow or IPFIX records from edge routers into the DLP so it can identify large data transfers in near real time.
Ensure outbound TLS sessions are decrypted by an inline proxy or firewall and the clear-text traffic is passed to the DLP engine for inspection.
Integrate the DLP with the organization's directory service to apply user-based policies before any decryption is performed.
Attach the DLP sensor to the existing SPAN port so it can analyze mirrored (but still encrypted) traffic without affecting latency.
Network-based DLP appliances identify sensitive data by examining packet payloads. When traffic is protected by TLS, those payloads are encrypted and unreadable to the DLP unless decryption occurs before inspection. Forwarding clear-text streams from an inline SSL/TLS-terminating device (such as a proxy or firewall performing SSL inspection) lets the DLP apply its content-matching policies and, if necessary, actively block the session. Merely mirroring encrypted traffic to a passive sensor, relying on flow records, or integrating with directory services does not provide the content visibility required to discover payment data in motion or to prevent its egress.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is TLS decryption necessary for a network-based DLP to inspect data?
Open an interactive chat with Bash
What is the role of an SSL/TLS-terminating device in a security network?
Open an interactive chat with Bash
Why are alternatives like SPAN or NetFlow insufficient for real-time DLP enforcement?
Open an interactive chat with Bash
ISC2 Systems Security Certified Practitioner (SSCP)
Network and Communication Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .