Certified in Risk and Information Systems Control (CRISC) — Question 1072

In an organization that allows employee use of social media accounts for work purposes, which of the following is the BEST way to protect company sensitive information from being exposed?

Answer options

• A. Taking punitive action against employees who expose confidential data
• B. Requiring employees to sign nondisclosure agreements (NDAs)
• C. Implementing a data loss prevention (DLP) solution
• D. Educating employees on what needs to be kept confidential

Correct answer: C

Explanation

The correct answer is C, implementing a data loss prevention (DLP) solution, as it actively monitors and protects sensitive data from unauthorized sharing. While options A, B, and D can contribute to a culture of confidentiality, they do not provide the proactive technical safeguards that a DLP solution offers.