Answer-first summary for fast verification
Answer: Implement a DLP solution that provides comprehensive coverage across endpoints, networks, and cloud environments, with dynamically applied policies based on data sensitivity and user roles, including monitoring for both external and insider threats.
The best approach is to implement a comprehensive DLP solution that covers all potential data loss vectors, including endpoints, networks, and cloud environments, with policies tailored to the sensitivity of the data and the context of its use. This ensures protection against both external and insider threats while maintaining operational efficiency. Option A is insufficient because it lacks policy-based controls and monitoring. Option B is too narrow, focusing only on email and ignoring other data types and transfer methods. Option D is also too restrictive, covering only one type of data in a single platform, leaving other sensitive information unprotected.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
Your organization is in the process of deploying a Data Loss Prevention (DLP) solution across its Azure environment to safeguard sensitive information. As the Cybersecurity Architect, you are tasked with defining the security requirements to ensure the DLP solution is both effective and compliant with industry standards. The organization handles a variety of data types, including personally identifiable information (PII), financial records, and intellectual property, across endpoints, networks, and cloud environments. Given the need to balance security with operational efficiency, which of the following approaches BEST meets the organization's requirements? (Choose one option.)
A
Deploy a DLP solution that focuses exclusively on encrypting data at rest and in transit, without implementing any policy-based controls or monitoring for data exfiltration attempts.
B
Limit the DLP solution's scope to monitoring and blocking outbound emails containing sensitive keywords, ignoring other data transfer mechanisms and storage locations.
C
Implement a DLP solution that provides comprehensive coverage across endpoints, networks, and cloud environments, with dynamically applied policies based on data sensitivity and user roles, including monitoring for both external and insider threats.
D
Restrict the DLP solution to only scan for PII in documents stored in SharePoint Online, excluding other data types and platforms from protection.
No comments yet.