Question
A security analyst needs a data loss prevention (DLP) solution to prevent users from transferring data without authorization.
What components typically makeup DLP solutions? (Select three.)
answer
Quarantine
Policy Server
USB Devices
Tombstone
Network agents
Block
Endpoint agents
What components typically makeup DLP solutions? (Select three.)
answer
Quarantine
Policy Server
USB Devices
Tombstone
Network agents
Block
Endpoint agents
Answers
GPT-5 mini
Correct answers: Policy Server, Network agents, Endpoint agents.
Brief explanation:
- Policy Server: central management/decision point that defines and enforces DLP rules and collects incidents.
- Network agents (sensors): monitor network traffic (email, web, uploads) to detect and stop sensitive data leaving the network.
- Endpoint agents: installed on users' devices to monitor local actions (USB, print, copy/paste) and enforce policies.
Why the others are incorrect:
- Quarantine and Block are actions or responses taken by DLP systems, not main architectural components.
- USB Devices are a channel/vector for data transfer, not a DLP component.
- Tombstone is unrelated to DLP.
Brief explanation:
- Policy Server: central management/decision point that defines and enforces DLP rules and collects incidents.
- Network agents (sensors): monitor network traffic (email, web, uploads) to detect and stop sensitive data leaving the network.
- Endpoint agents: installed on users' devices to monitor local actions (USB, print, copy/paste) and enforce policies.
Why the others are incorrect:
- Quarantine and Block are actions or responses taken by DLP systems, not main architectural components.
- USB Devices are a channel/vector for data transfer, not a DLP component.
- Tombstone is unrelated to DLP.