A security administrator is deploying a DLP solution to prevent the exfiltration of sensitive customer data. Which of the following should the administrator do first?
A security administrator is deploying a DLP solution to prevent the exfiltration of sensitive customer data. Which of the following should the administrator do first?
When deploying a DLP (Data Loss Prevention) solution, the first step should be to apply classifications to the data. This classification helps in identifying and categorizing sensitive data, enabling the DLP system to appropriately recognize and protect it. Without proper data classification, it becomes challenging to enforce rules and policies effectively, as the system would not be able to differentiate between sensitive and non-sensitive data.
C. Apply classifications to the data.
Applying a DLP solution to prevent data being 'leaked' out of the company, usually through email, USB or tools like Steganography. Once installed the first thing he should do is create a rule to either warn or block email attachments. It's nothing to do with cloud storage or server file permissions and we don't need data classification for DLP to work (although it might be a nice option).
DLP (Data Loss Prevention)
its asking what to do FIRST/ How would users know what not to send out if data is not classified
first classify the information