CompTIA Security+ (SY0-601) — Question 829

A Chief Information Security Officer wants to ensure the organization is validating and checking the integrity of zone transfers. Which of the following solutions should be implemented?

Answer options

• A. DNSSEC
• B. LDAPS
• C. NGFW
• D. DLP

Correct answer: A

Explanation

DNSSEC is designed to protect the integrity of DNS data and ensure that zone transfers are validated, making it the correct choice. LDAPS is related to directory services security, NGFW pertains to network security firewalls, and DLP focuses on data loss prevention, none of which specifically address the integrity of zone transfers.