Which of the following solutions should the security engineer recommend to address these requirements?

A security engineer needs to recommend a solution that will meet the following requirements:

Identify sensitive data in the provider’s network

Maintain compliance with company and regulatory guidelines

Detect and respond to insider threats, privileged user threats, and compromised accounts Enforce datacentric security, such as encryption, tokenization, and access control

Which of the following solutions should the security engineer recommend to address these requirements?
A . WAF
B . CASB
C . SWG
D . DLP

View Answer

Answer: D

Explanation:

DLP (data loss prevention) is a solution that can meet the following requirements: identify sensitive data in the provider’s network, maintain compliance with company and regulatory guidelines, detect and respond to insider threats, privileged user threats, and compromised accounts, and enforce data-centric security, such as encryption, tokenization, and access control. DLP can monitor, classify, and protect data in motion, at rest, or in use, and prevent unauthorized disclosure or exfiltration. WAF (web application firewall) is a solution that can protect web applications from common attacks, such as SQL injection or cross-site scripting, but it does not address the requirements listed. CASB (cloud access security broker) is a solution that can enforce policies and controls for accessing cloud services and applications, but it does not address the requirements listed. SWG (secure web gateway) is a solution that can monitor and filter web traffic to prevent malicious or unauthorized access, but it does not address the requirements listed.

Verified Reference:

https://www.comptia.org/blog/what-is-data-loss-prevention

https://partners.comptia.org/docs/default-source/resources/casp-content-guid