CompTIA Security+ (SY0-601) — Question 22

Which of the following is an effective tool to stop or prevent the exfiltration of data from a network?

Answer options

• A. DLP
• B. NIDS
• C. TPM
• D. FDE

Correct answer: A

Explanation

DLP, or Data Loss Prevention, is designed specifically to detect and prevent data exfiltration, making it the correct choice. NIDS (Network Intrusion Detection System) monitors network traffic but does not actively stop data loss. TPM (Trusted Platform Module) provides hardware-based security but does not directly prevent data exfiltration. FDE (Full Disk Encryption) secures data at rest but does not address live data transfer risks.