Certified Cloud Security Professional – CCSP – Question227
Which of the following is NOT one of the main intended goals of a DLP solution? A. Showing due diligence B. Preventing malicious insiders C. Regulatory compliance D. Managing and minimizing risk
Correct Answer: B
Explanation:
Explanation: Data loss prevention (DLP) extends the capabilities for data protection beyond the standard and traditional security controls that are offered by operating systems, application containers, and network devices. DLP is not specifically implemented to counter malicious insiders, and would not be particularly effective in doing so, because a malicious insider with legitimate access would have other ways to obtain data. DLP is a set of practices and controls to manage and minimize risk, comply with regulatory requirements, and show due diligence with the protection of data.
Please disable your adblocker or whitelist this site!