Certified Information Systems Auditor (CISA) — Question 312

Which of the following is the MOST effective way to identify exfiltration of sensitive data by a malicious insider?

Answer options

• A. Provide ongoing information security awareness training.
• B. Establish behavioral analytics monitoring.
• C. Review perimeter firewall logs.
• D. Implement data loss prevention (DLP) software

Correct answer: D

Explanation

The correct answer is D because implementing data loss prevention (DLP) software directly targets the prevention and detection of unauthorized data transfers. While options A, B, and C may contribute to overall security posture, they do not specifically focus on identifying data exfiltration effectively.