SY0-301 Question #794: Real Exam Question with Answer & Explanation

The correct answer is D: Only USB devices supporting encryption are to be used.. Data Loss Prevention (DLP) policies aim to prevent sensitive data from leaving organizational control, especially via removable media. Requiring only encrypted USB devices ensures that if a drive is lost, stolen, or misplaced, the data on it is unreadable without the decryption k

Question

A security administrator has implemented a policy to prevent data loss. Which of the following is the BEST method of enforcement?

Options

AInternet networks can be accessed via personally-owned computers.
BData can only be stored on local workstations.
CWi-Fi networks should use WEP encryption by default.
DOnly USB devices supporting encryption are to be used.

Explanation

Data Loss Prevention (DLP) policies aim to prevent sensitive data from leaving organizational control, especially via removable media. Requiring only encrypted USB devices ensures that if a drive is lost, stolen, or misplaced, the data on it is unreadable without the decryption key - directly enforcing data protection on the most common physical data exfiltration vector. Option A (personal computers accessing the internet) increases risk by reducing organizational control. Option B (data only on local workstations) increases risk of loss if the workstation is stolen or fails. Option C (WEP encryption for Wi-Fi) is not only unrelated to removable media data loss, but WEP is a deprecated, cryptographically broken protocol and should never be used as a security standard.

Community Discussion

No community discussion yet for this question.

Full SY0-301 Practice