A DLP solution/implementation has three main components.
Which of the following is NOT one of the three main components?
Click on the arrows to vote for the correct answer
A. B. C. D.C.
Auditing, which can be supported to varying degrees by DLP solutions, is not a core component of them.
Data loss prevention (DLP) solutions have core components of discovery and classification, enforcement, and monitoring.
Discovery and classification are concerned with determining which data should be applied to the DLP policies, and then determining its classification level.
Monitoring is concerned with the actual watching of data and how it's used through its various stages.
Enforcement is the actual application of policies determined from the discovery stage and then triggered during the monitoring stage.
Data Loss Prevention (DLP) solutions are used to prevent data breaches and leakage in an organization. DLP implementations have three primary components that work together to secure sensitive information: Monitoring, Enforcement, and Discovery and Classification.
Monitoring: This component involves the monitoring of all communication channels in the organization, including email, web traffic, and file transfers, to detect any attempts to transmit sensitive information.
Enforcement: This component involves enforcing security policies to prevent the unauthorized transmission of sensitive data. For example, if an employee tries to send a confidential document via email, the DLP solution will prevent the email from being sent and notify the security team.
Discovery and Classification: This component involves the identification and classification of sensitive data within the organization. The DLP solution will scan all data repositories, including file servers, databases, and cloud storage, to identify sensitive data and classify it based on its level of confidentiality.
Therefore, the correct answer to the question is C. Auditing, as it is not one of the primary components of a DLP solution/implementation. However, auditing may be a complementary feature to a DLP solution to ensure compliance with regulations and security policies. Auditing involves the collection and analysis of log data from various sources, including network devices, servers, and applications, to identify security incidents and suspicious activity.