nerdexam
CompTIA

CNX-001 · Question #46

An administrator must ensure that credit card numbers are not contained in any outside messaging or file transfers from the organization. Which of the following controls meets this requirement?

The correct answer is C. Data loss prevention. Data Loss Prevention (DLP) is specifically designed to detect, monitor, and block the transmission of sensitive data - such as credit card numbers (PANs) - through channels like email, messaging, and file transfers. DLP solutions use pattern matching (e.g., Luhn algorithm for car

Cloud Network Security

Question

An administrator must ensure that credit card numbers are not contained in any outside messaging or file transfers from the organization. Which of the following controls meets this requirement?

Options

  • AIntrusion detection system
  • BEgress filtering
  • CData loss prevention
  • DEncryption in transit

How the community answered

(34 responses)
  • A
    3% (1)
  • C
    94% (32)
  • D
    3% (1)

Explanation

Data Loss Prevention (DLP) is specifically designed to detect, monitor, and block the transmission of sensitive data - such as credit card numbers (PANs) - through channels like email, messaging, and file transfers. DLP solutions use pattern matching (e.g., Luhn algorithm for card numbers) to identify sensitive content and enforce policies that prevent it from leaving the organization. An IDS (A) detects intrusions but does not inspect outbound content for sensitive data. Egress filtering (B) controls outbound traffic by IP/port but does not perform deep content inspection. Encryption in transit (D) protects data during transfer but does not prevent the data from being sent in the first place.

Topics

#Data Loss Prevention (DLP)#Data Protection#Security Controls#Egress Security

Community Discussion

No community discussion yet for this question.

Full CNX-001 Practice