CompTIA CASP+ (CAS-003) — Question 110
A breach was caused by an insider threat in which customer PII was compromised. Following the breach, a lead security analyst is asked to determine which vulnerabilities the attacker used to access company resources.
Which of the following should the analyst use to remediate the vulnerabilities?
Answer options
- A. Protocol analyzer
- B. Root cause analysis
- C. Behavioral analytics
- D. Data leak prevention
Correct answer: D
Explanation
The correct answer is D, Data leak prevention, as it directly addresses the protection of sensitive information from being accessed or exfiltrated. While A (Protocol analyzer) is useful for monitoring traffic, B (Root cause analysis) helps in understanding the breach but does not directly remediate vulnerabilities, and C (Behavioral analytics) can help detect unusual activities but is not specifically aimed at preventing data leaks.