CompTIA Security+ (SY0-501) — Question 385

Joe a website administrator believes he owns the intellectual property for a company invention and has been replacing image files on the company's public facing website in the DMZ. Joe is using steganography to hide stolen data.
Which of the following controls can be implemented to mitigate this type of inside threat?

Answer options

• A. Digital signatures
• B. File integrity monitoring
• C. Access controls
• D. Change management
• E. Stateful inspection firewall

Correct answer: B

Explanation

File integrity monitoring is effective in this scenario as it can detect unauthorized changes to files, alerting administrators to potential misuse, such as Joe's actions. The other options, while useful for various security aspects, do not specifically address the need to monitor and verify the integrity of files being altered on the website.