CompTIA Security+ (SY0-601) — Question 551

A new vulnerability enables a type of malware that allows the unauthorized movement of data from a system. Which of the following would detect this behavior?

Answer options

• A. Implementing encryption
• B. Monitoring outbound traffic
• C. Using default settings
• D. Closing all open ports

Correct answer: B

Explanation

Monitoring outbound traffic is essential for detecting unauthorized data transfers, as it allows for the identification of unusual or suspicious data flows. Implementing encryption protects data but does not specifically detect unauthorized movement, while using default settings and closing open ports may not address the issue of malware behavior.