Chapter 15 - 04 - Discuss Data Loss Prevention Concepts - 02_ocred_fax_ocred.pdf

Full Transcript

Certified Cybersecurity Technician Exam 212-82
Data Security

DLP Solution: Windows Information Protection (WIP)
O Windows Information Protection (WIP) has an endpoint data loss prevention (DLP) capability that can be helpful
in protecting local data at rest on endpoint devices
O WIP can be configured to store business data only on approved devices / within approved applications

Endpoint data loss prevention 7N
New sensitivity label
capabiliies
Currently, you can only set up endpoint DLP capabil (WiF). DLP settings for
offered by Windows Information Protection (WIP).
\Q!
(oD
R
—y
Office 163
363 apps will be avalable s00n.
500N Learn how endpomt
endpoimt DLP works
woeks with
wih sensitrity labels

Endpoint data loss prevention

© Name & description
@ o -
=
When Hes that have this Isbel applied are stored on Windows devices, endpaint DUP wil help protect against data leaks —
=
There aro prerequestes for fuly
fully implementing endpont data loss preventian for Isbelled content. Learn about these
@ tenaryption
enaryption plevequitites
prevequisites

B Apply endpoint DLP to fles with this label appled.
@ Content marking

|

Copyright © by [ L. All Rights Reserved. Reproduction sis Strictly Prohibited
Prohibited.

DLP Solution: Windows Information Protection (WIP)
Windows Information Protection (WIP) has an endpoint DLP capability that can be helpful for
protecting local data at rest on endpoint devices. WIP can be configured to store business data
only on approved devices/within approved applications.
If the user creates a file on a Windows 10 device, the Windows Defender ATP evaluates its
content for sensitive or customized information. In case of file matches, Windows Defender
ATP applies DLP at its endpoints. For data discovery, Windows Defender ATP integrates with
Azure Information Protection (AIP) and reports the detected sensitive data. Files with sensitive
information and sensitivity labels are aggregated by AIP.
Advantages of WIP:

= As WIP separates corporate and personal data, there is no need for an employee to
switch the applications or environments.
= |t reinforces the data protection for existing line-of-business applications.
= WIP can remove the corporate data from Intune MDM enrolled devices.
= For
For configuration, deployment, and management, WIP integrates with Microsoft Intune,
System Center Configuration Manager, or the current mobile device management.

Module 15 Page 1916 Certified Cybersecurity Technician Copyright © by EG-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Certified Cybersecurity Technician Exam 212-82
Data Security

Endpoint data loss prevention
New sensitivity label
Currently, you can only set up endpoint DLP capabilities offered by Windows Information Protection (WIP). DLP settings for
Office 365 apps will be available soon. Learn how endpoint DLP works with sensitivity labels

Endpoint data lossp
@ oon
@ Name s& description
When files that have this label applied are stored on Windows devices, endpoint DLP will help protect against data leaks
There are prerequi for fully impl, J dpoint
L data loss prevention for labelled content. Learn about these. Encryption pretequisites

= Apply endpoint DLP to files with this label applied
@ content marking

v| |I
I [
[ e
Auto labeling

Review your settings

Figure 15.102: Screenshot of WIP

Module 15 Page 1917 Certified Cybersecurity Technician Copyright © by EG-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Certified Cybersecurity Technician Exam 212-82
Data Security

DLP Solutions
MvDLP MyDLP allows the user to monitor, inspect, and prevent all outgoing
£ confidential data without any hassle

IFomeon
owien «o VA iettasians
o Wit o
VEgrttcntan
- C (x et 1000104 | |
\
Tnterprive Edition © Install Policy #X [g Symantec Data Loss Prevention
Y D LP e
T https://www.symantec.com
Dasnbosnt
Dasnbosr Paly
Patky Oofects
Oofecty fenngs
Senngs | Logs
Logy | Endpomes Raviviony
Rt viony

«< Add Rule Ioieman
Ieieman 38
3o
Q Chanewt
Chanoal Sources Gestinations
Oestinations Informaton Types
Iformaton Action @ SecureTrust Data Loss Prevention
Oueaves Asest
eOucoon o
£y [ & v ot B (e
o, —
% | https://www.securetrust.com
$700 = i : o |

P {é} McAfee Total Protection
https://www.mcafee.com

Check Point Data Loss Prevention
https://www.checkpoint.com

T
i + Add Rule
Digital Guardian Endpoint DLP
a0 To e T T T Y'Y
Ty @ hitps://digitalguardian.com
https://digitalguardian.com
htps//mydip.com

Copyright © by All Rights Reserved. ReproductionIs Strictly Prohibited.

DLP Solutions
= MyDLP
Source: https://mydip.com
MyDLP is a free and open-source solution that allows organizations to secure
confidential data. The supported data inspection channels include web, email, instant
messaging, printers, removable storage devices, screenshots, etc. MyDLP allows the
user to monitor, inspect, and prevent all outgoing confidential data without any hassle.
With its painless deployment and configuration, an easy-to-use policy interface, and
great performance, IT administrators and security officers are able to effectively combat
data leakage.

Module 15 Page 1918 Certified Cybersecurity Technician Copyright © by EG-Council
All Rights Reserved. Reproduction is Strictly Prohibited.
Certified Cybersecurity Technician Exam 212-82
Data Security

F o oo
wova e
s O
N -~~~
- -~o~ =
€- C (%(xpuet/1000104
puet//1000.104

M Y v
M Y a DD I-P Edition
Enterprise Edition
L P Enterprise £ Install Policy
¥ Install Policy #X
#X
‘ v
Logoedinin asas mydlp
Logped