A multinational corporation with strict data protection policies has discovered unauthorized instances of sensitive information, such as client account details, being shared via email with external parties. To mitigate this risk, which strategy should the security team prioritize?
Implementing a solution at the network egress points to monitor content and prevent unauthorized transmissions based on predefined policies
Enhancing user access controls on all systems containing sensitive information
Deploying updated antivirus software across all endpoints to address security concerns
Applying full disk encryption to all devices within the organization to protect data at rest
Implementing a solution at network egress points is the most effective strategy to mitigate the risk of sensitive data being shared with external parties. Such systems are engineered to scrutinize outgoing information and enforce organizational policies to prevent unauthorized data transfer. By setting up strict rules that analyze the content and context of data being transmitted, the system can detect potential breaches and block the dissemination of sensitive information, especially through emails. While full disk encryption safeguards data at rest, it does not control data being sent out. Access control enhancements may restrict who can access sensitive data but do not necessarily govern the unauthorized transmission of the information. Antivirus applications typically protect against threats like malware and viruses, and may not have the necessary capabilities to prevent data exfiltration.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are network egress points?
Open an interactive chat with Bash
How do solutions at egress points monitor content?
Open an interactive chat with Bash
Why is full disk encryption not sufficient for preventing data leaks?