CompTIA CySA+ (CS0-001) — Question 204
A security analyst is concerned that employees may attempt to exfiltrate data prior to tendering their resignations. Unfortunately, the company cannot afford to purchase a data loss prevention system. Which of the following recommendations should the security analyst make to provide defense-in-depth against data loss?
(Choose three.)
Answer options
- A. Prevent users from accessing personal email and file-sharing sites via web proxy
- B. Prevent flash drives from connecting to USB ports using Group Policy
- C. Prevent users from copying data from workstation to workstation
- D. Prevent users from using roaming profiles when changing workstations
- E. Prevent Internet access on laptops unless connected to the network in the office or via VPN
- F. Prevent users from being able to use the copy and paste functions
Correct answer: A, B, E
Explanation
Options A, B, and E help mitigate the risk of data exfiltration by limiting users' access to personal email and file-sharing sites, preventing the use of removable storage devices, and controlling Internet access. Options C, D, and F are less effective because they do not directly address the primary concerns of data theft and may not be practical for maintaining user productivity and workflow.