CompTIA Security Plus Mock Test Q427

Several departments within a company have a business need to send high volumes of confidential information to customers via email. Which of the following is the BEST solution to mitigate unintentional exposure of confidential information?

A. Employ encryption on all outbound emails containing confidential information.
B. Employ exact data matching and prevent inbound emails with Data Loss Prevention.
C. Employ hashing on all outbound emails containing confidential information.
D. Employ exact data matching and encrypt inbound e-mails with Data Loss Prevention.


Correct Answer: A
Section: Compliance and Operational Security

Explanation:
Encryption is used to ensure the confidentiality of information and in this case the outbound email that contains the confidential information should be encrypted.

Incorrect Answers:
B: DLP system should be set to monitor the outbound emails not the inbound email since the company will be sending out confidential email.
C: Hashing refers to the hash algorithms used in cryptography. It is used to store data, such as hash tables.
D: Encrypting inbound email would be futile if the data protection should be carried out on outbound email.

References:
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 236, 255, 291