CompTIA Security+ (SY0-501) — Question 921

A software development company needs to augment staff by hiring consultants for a high-stakes project. The project has the following requirements:
✑ Consultants will have access to highly confidential, proprietary data.
✑ Consultants will not be provided with company-owned assets.
✑ Work needs to start immediately.
✑ Consultants will be provided with internal email addresses for communications.
Which of the following solutions is the BEST method for controlling data exfiltration during this project?

Answer options

• A. Require that all consultant activity be restricted to a secure VDI environment
• B. Require the consultants to sign an agreement stating they will only use the company-provided email address for communications during the project
• C. Require updated antivirus, USB blocking, and a host-based firewall on all consultant devices
• D. Require the consultants to connect to the company VPN when accessing confidential resources

Correct answer: A

Explanation

The best approach to control data exfiltration is to require that all consultant activity be restricted to a secure VDI environment, as this isolates the environment and protects sensitive data. While the other options might enhance security, they do not provide the same level of control and containment as a VDI solution, where data remains within the company’s secure infrastructure.