CompTIA CySA+ (CS0-003) — Question 386

A company wants to implement protection mechanisms after an incident in which customer information was sent to a third party. Which of the following tools should the company implement?

Answer options

• A. SIEM
• B. EDR
• C. CASB
• D. DLP

Correct answer: D

Explanation

The correct answer is DLP (Data Loss Prevention), which is specifically designed to prevent the unauthorized transmission of sensitive data. SIEM, EDR, and CASB serve different purposes; SIEM focuses on security information management, EDR deals with endpoint threats, and CASB is for cloud security, but they do not directly prevent data leakage like DLP does.