A financial institution wants to reduce the risk of sensitive customer data exfiltration by employees. Which of the following would be the MOST effective measure to implement?
Enabling biometric authentication on all data systems.
Enforcing the use of strong encryption protocols for data at rest.
Disabling unused physical and logical service ports company-wide.
Segmenting the internal network based on departmental functions.
Implementing monitoring and blocking of suspicious data transfers.
Setting up a system that monitors, detects, and blocks potentially unauthorized data transmissions can dramatically lower the likelihood of sensitive information being leaked or transferred outside the company by an insider with legitimate access. While biometric authentication adds a layer of security, it does not prevent data exfiltration by authenticated users. Disabling unused service ports and enforcing strong encryption enhance security but are not directly effective in monitoring or preventing the transfer of sensitive data from insiders. Segmenting the network can reduce the risk of widespread internal access, but it is not specifically aimed at preventing data exfiltration.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is data exfiltration?
Open an interactive chat with Bash
How does monitoring and blocking of data transfers work?
Open an interactive chat with Bash
What are strong encryption protocols for data at rest?