CompTIA Security Plus Mock Test Q279

Which of the following are Data Loss Prevention (DLP) strategies that address data in transit issues? (Select TWO).

A. Scanning printing of documents.
B. Scanning of outbound IM (Instance Messaging).
C. Scanning copying of documents to USB.
D. Scanning of SharePoint document library.
E. Scanning of shared drives.
F. Scanning of HTTP user traffic.

Correct Answer: B,F
Section: Compliance and Operational Security

DLP systems monitor the contents of systems (workstations, servers, networks) to make sure key content is not deleted or removed. They also monitor who is using the data (looking for unauthorized access) and transmitting the data. Outbound IM and HTTP user traffic refers to data over a network which falls within the DLP strategy.

Incorrect Answers:
A: Printing of documents will not necessarily result in data loss since it is a hard copy of the soft copy that is already there.
C: Copying documents to USB amounts to duplicating data.
D: A SharePoint document Library is a list of the documents and not the data itself. This is not a data in transit issue
E: Shared drive scanning is not data in transit.

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 236-237, 364