A security architect is working in a processing center and must implement a DLP solution to detect and prevent any type of copy and paste attempts of sensitive data within unapproved applications and removable devices.
Which technical architecture must be used?
Click on the arrows to vote for the correct answer
A. B. C. D.C.
https://www.endpointprotector.com/blog/what-is-data-loss-prevention-dlp/The security architect's requirement is to implement a Data Loss Prevention (DLP) solution to detect and prevent any unauthorized attempts of copying and pasting sensitive data within unapproved applications and removable devices. To determine the technical architecture that must be used, we need to understand the different types of data that DLP can monitor and the associated architectural components.
DLP solutions typically monitor three types of data: data in motion, data at rest, and data in use.
Data in motion refers to data that is in transit between different devices, networks, or applications. This can include emails, instant messages, file transfers, and network traffic. DLP for data in motion typically involves monitoring network traffic and analyzing content for sensitive information.
Data at rest refers to data that is stored on disk, tape, or other types of storage media. This can include databases, files, and backups. DLP for data at rest typically involves monitoring storage systems and analyzing file content for sensitive information.
Data in use refers to data that is actively being processed or accessed by applications or users. This can include data being typed into forms, viewed on screens, or copied and pasted between applications. DLP for data in use typically involves monitoring user activity and analyzing system events to detect policy violations.
Given the requirement to prevent copy and paste attempts of sensitive data within unapproved applications and removable devices, the technical architecture that should be used is DLP for data in use. This type of DLP solution monitors user activity and analyzes system events to detect policy violations, which is exactly what the security architect needs to prevent unauthorized attempts of copying and pasting sensitive data within unapproved applications and removable devices. DLP for data in use can also provide additional features such as screen capture prevention and keystroke encryption to prevent data theft.
Therefore, the correct answer is C. DLP for data in use.