Which of the following is the BEST control to prevent the transfer of files to external parties through instant messaging (IM) applications?

Which of the following is the BEST control to prevent the transfer of files to external parties through instant messaging (IM) applications?
A . File level encryption
B . File Transfer Protocol (FTP)
C . Instant messaging policy
D . Application-level firewalls

View Answer

Answer: D

Explanation:

Application level firewalls are the best control to prevent the transfer of files to external parties through instant messaging (IM) applications, because they can inspect and filter network traffic based on application-specific protocols and commands, such as IM file transfer commands.

Application level firewalls can block or allow IM file transfers based on predefined rules or policies. File level encryption, file transfer protocol (FTP), and instant messaging policy are not effective controls to prevent IM file transfers, because they do not restrict or monitor IM network traffic.

References: CISA Review Manual (Digital Version), Chapter 5, Section 5.4.1