🔥 3-day streak
CompTIA SecurityX (CAS-005)21 / 120
Question 21 of 120

A financial services firm is designing a data security architecture that spans Microsoft 365, an on-premises file server, and an AWS S3 data lake used for analytics. Regulators require that once a document is labeled 'Restricted,' the classification and its associated protections must remain enforced regardless of where the file is moved, copied, or downloaded. The security architect must select an approach that ensures the label and its protection travel with the data across all three environments. Which approach best meets this requirement?

Reviewed for accuracy · Report an issueNext question