CompTIA Security Plus Mock Test Q467

An organization processes credit card transactions and is concerned that an employee may intentionally email credit card numbers to external email addresses. This company should consider which of the following technologies?

A. IDS
B. Firewalls
C. DLP
D. IPS


Correct Answer: C
Section: Compliance and Operational Security

Explanation:
A Data Loss Prevention technology is aimed at detecting and preventing unauthorized access to, use of, or transmission of sensitive information such as credit card details.

Incorrect Answers:
A: IDS is designed to detect the presence of an unauthorized intruder or unwanted activity only.
B: Firewalls are usually employed on the networks together with IDS and IPS.
D: IPS is designed to detect attempts to gain unauthorized access and preventing access.

References:
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p. 100