CNX-001 · Question #46
An administrator must ensure that credit card numbers are not contained in any outside messaging or file transfers from the organization. Which of the following controls meets this requirement?
The correct answer is C. Data loss prevention. Data Loss Prevention (DLP) is specifically designed to detect, monitor, and block the transmission of sensitive data - such as credit card numbers (PANs) - through channels like email, messaging, and file transfers. DLP solutions use pattern matching (e.g., Luhn algorithm for car
Question
An administrator must ensure that credit card numbers are not contained in any outside messaging or file transfers from the organization. Which of the following controls meets this requirement?
Options
- AIntrusion detection system
- BEgress filtering
- CData loss prevention
- DEncryption in transit
How the community answered
(34 responses)- A3% (1)
- C94% (32)
- D3% (1)
Explanation
Data Loss Prevention (DLP) is specifically designed to detect, monitor, and block the transmission of sensitive data - such as credit card numbers (PANs) - through channels like email, messaging, and file transfers. DLP solutions use pattern matching (e.g., Luhn algorithm for card numbers) to identify sensitive content and enforce policies that prevent it from leaving the organization. An IDS (A) detects intrusions but does not inspect outbound content for sensitive data. Egress filtering (B) controls outbound traffic by IP/port but does not perform deep content inspection. Encryption in transit (D) protects data during transfer but does not prevent the data from being sent in the first place.
Topics
Community Discussion
No community discussion yet for this question.