CompTIA CySA+ (CS0-002) — Question 345

A team of network security analysts is examining network traffic to determine if sensitive data was exfiltrated. Upon further investigation, the analysts believe confidential data was compromised. Which of the following capabilities would BEST defend against this type of sensitive data exfiltration?

Answer options

• A. Deploy an edge firewall.
• B. Implement DLP.
• C. Deploy EDR.
• D. Encrypt the hard drives.

Correct answer: B

Explanation

Implementing Data Loss Prevention (DLP) is the best defense against sensitive data exfiltration as it actively monitors and controls data transfers to ensure that confidential information is not leaked. An edge firewall primarily protects against external threats, while EDR focuses on endpoint detection and response, and encrypting hard drives secures data at rest but does not prevent unauthorized data transfers.