What should you do?

Your cyber security team has requested that all email destined for external domains be scanned for credit card numbers, and if found, the email must be encrypted using your cloud-based third-party encryption provider. You are responsible for configuring to meet this request.

What should you do?
A . Create a content compliance rule on outbound mail and internal-sending mail using the predefined rule for credit card numbers, and add a custom header that your third-party encryption provider can scan for and encrypt.
B . Create a content compliance rule on outbound mail using the predefined rule for credit card numbers, and check “Encrypt message if not encrypted”.
C . Create a content compliance rule on outbound mail using the predefined rule for credit card numbers, and add a custom header that your third-party encryption provider can scan for and encrypt.
D . Create a content compliance rule on outbound mail using the predefined rule for credit card numbers, and check “Change route” to send to your third-party encryption provider to encrypt.

View Answer

Answer: A

Explanation:

In this scenario, the goal is to ensure that all email, both sent externally and internally, which contains credit card numbers, is encrypted using a third-party encryption provider.

Option A allows you to create a content compliance rule that scans both outbound and internal-sending mails for credit card numbers. When a credit card number is detected, a custom header is added to the email which the third-party encryption provider can identify and encrypt the email accordingly.

Let’s analyze other options:

B. This option only encrypts the message if it is not encrypted already, but it doesn’t necessarily interface with the specific third-party encryption provider that has been mentioned in the question.

C. This option is similar to A but only focuses on outbound mail and not on internal-sending mail. It misses the part about scanning internal emails, which may still contain sensitive data like credit card numbers.

D. Changing the route to send to the third-party encryption provider seems like a viable option but would be more about rerouting the entire email to the provider rather than adding a specific header that the provider can scan for, which might not align perfectly with the encryption process required by the third-party provider.

Therefore, option A provides a more comprehensive solution that complies with the requirements set by the cybersecurity team. It allows for scanning of both outbound and internal emails, adding a custom header for the third-party provider to encrypt the mail, ensuring better security and compliance with the request.