A company is deploying a DLP solution and scanning workstations and network drives for documents that contain potential PII and payment card data. The results of the first scan are as follows:
 
The security team is unable to identify the data owners for the specific files in a timely manner and does not suspect malicious activity with any of the detected files. Which of the following would address the inherent risk until the data owners can be formally identified?

A. Move the files from the marketing share to a secured drive

B. Search the metadata for each file to locate the file's creator and transfer the files to the personal drive of the listed creator

C. Configure the DLP tool to delete the files on the shared drives

D. Remove the access for the internal audit group from the accounts payable and payroll shares








 

Suggested Answer: A





This question is in CAS-003 CompTIA Advanced Security Practitioner (CASP+) Exam
For getting CompTIA Advanced Security Practitioner (CASP+) Certificate


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by CompTIA. 
Trademarks, certification & product names are used for reference only and belong to CompTIA.
The website does not contain actual questions and answers from CompTIA's Certification Exams.