Question

A technician is reviewing the following log:

1/10/2018 20:30:11 -> Remote host initiate connection
1/10/2018 20:30:12 -> Social media chat
1/10/2018 20:30:13 -> Sensitive watermarked document transferred
1/10/2018 20:30:14 -> Improper website accessed

Which of the following tools should the organization implement to reduce the highest risk identified in this log?

A. NIPS
B. DLP
C. NGFW
D. SIEM

Answer 1

The highest risk identified in the log is the transfer of sensitive data, and to reduce this risk, the organization should employ a Data Loss Prevention (DLP) system that can prevent unauthorized data transfers, including watermarked documents.

Step-by-step explanation:

The technician is reviewing a log that indicates a series of potentially risky activities, including the transfer of a sensitive watermarked document and access to an improper website. To reduce the highest risk identified in this log, which is the transfer of sensitive information, the organization should implement a Data Loss Prevention (DLP) solution. A DLP tool will help in monitoring, detecting, and blocking the transfer of sensitive data outside of the corporate network. It can be configured to identify specific data patterns like watermarks, which are common methods for tagging sensitive documents. Therefore, in the context of the log provided by the student, DLP is the most appropriate tool to mitigate the risk of unauthorized data transfer.