Your cyber security team has requested that all email destined for external domains be scanned for credit card numbers, and if found, the email must be encrypted using your cloud-based third-party encryption provider. You are responsible for configuring to meet this request.
What should you do?
A . Create a content compliance rule on outbound mail and internal-sending mail using the predefined rule for credit card numbers, and add a custom header that your third-party encryption provider can scan for and encrypt.
B . Create a content compliance rule on outbound mail using the predefined rule for credit card numbers, and check “Encrypt message if not encrypted”.
C . Create a content compliance rule on outbound mail using the predefined rule for credit card numbers, and add a custom header that your third-party encryption provider can scan for and encrypt.
D . Create a content compliance rule on outbound mail using the predefined rule for credit card numbers, and check “Change route” to send to your third-party encryption provider to encrypt.
Answer: A
Explanation:
In this scenario, the goal is to ensure that all email, both sent externally and internally, which contains credit card numbers, is encrypted using a third-party encryption provider.
Option A allows you to create a content compliance rule that scans both outbound and internal-sending mails for credit card numbers. When a credit card number is detected, a custom header is added to the email which the third-party encryption provider can identify and encrypt the email accordingly.
Let’s analyze other options:
B. This option only encrypts the message if it is not encrypted already, but it doesn’t necessarily interface with the specific third-party encryption provider that has been mentioned in the question.
C. This option is similar to A but only focuses on outbound mail and not on internal-sending mail. It misses the part about scanning internal emails, which may still contain sensitive data like credit card numbers.
D. Changing the route to send to the third-party encryption provider seems like a viable option but would be more about rerouting the entire email to the provider rather than adding a specific header that the provider can scan for, which might not align perfectly with the encryption process required by the third-party provider.
Therefore, option A provides a more comprehensive solution that complies with the requirements set by the cybersecurity team. It allows for scanning of both outbound and internal emails, adding a custom header for the third-party provider to encrypt the mail, ensuring better security and compliance with the request.
Latest Google Workspace Administrator Dumps Valid Version with 77 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund