4.5 Given a scenario, modify enterprise capabilities to enhance security.

Question 1

Data Loss Prevention (DLP)

Answer 1

Aims to monitor data in use, in transit, or at rest to detect and prevent data theft

Question 2

Types of DLP Systems

Answer 2

End-Point DLP
Network DLP
Storage DLP
Cloud-Based DLP

Question 3

Endpoint DLP System

Answer 3

● Installed as software on workstations or laptops
● Monitors data in use on individual computers
● Can prevent or alert on file transfers based on predefined rules

Question 4

Network DLP System

Answer 4

● Software or hardware placed at the network perimeter
● Focuses on monitoring data entering and leaving the network
● Detects unauthorized data leaving the network

Question 5

Storage DLP System

Answer 5

● Installed on a server in the data center
● Inspects data at rest, especially encrypted or watermarked data
● Monitors data access patterns and flags policy violations

Question 6

Cloud-Based DLP System

Answer 6

● Offered as a software-as-a-service solution
● Protects data stored in cloud services