nerdexam
CompTIA

SY0-301 · Question #520

A company is trying to limit the risk associated with the use of unapproved USB devices to copy documents. Which of the following would be the BEST technology control to use in this scenario?

The correct answer is D. DLP. DLP (Data Loss Prevention) is specifically designed to detect and prevent unauthorized copying, transfer, or exfiltration of sensitive data - including to removable media like USB drives. DLP can block unapproved devices from copying documents based on policy. Content filtering (

Security architecture

Question

A company is trying to limit the risk associated with the use of unapproved USB devices to copy documents. Which of the following would be the BEST technology control to use in this scenario?

Options

  • AContent filtering
  • BIDS
  • CAudit logs
  • DDLP

How the community answered

(31 responses)
  • A
    6% (2)
  • B
    13% (4)
  • C
    3% (1)
  • D
    77% (24)

Explanation

DLP (Data Loss Prevention) is specifically designed to detect and prevent unauthorized copying, transfer, or exfiltration of sensitive data - including to removable media like USB drives. DLP can block unapproved devices from copying documents based on policy. Content filtering (A) controls web/email content, not removable media. IDS (B) detects intrusions but cannot block data transfers to USB. Audit logs (C) record events after the fact but do not actively prevent data from being copied.

Topics

#DLP#USB controls#data exfiltration#endpoint security

Community Discussion

No community discussion yet for this question.

Full SY0-301 Practice