Chapter 15 - 04 - Discuss Data Loss Prevention Concepts PDF
Document Details
Uploaded by barrejamesteacher
null
Tags
Related
- Chapter 15 - 04 - Discuss Data Loss Prevention Concepts - 01_ocred.pdf
- Chapter 15 - 04 - Discuss Data Loss Prevention Concepts - 02_ocred.pdf
- Certified Cybersecurity Technician Data Security PDF
- Data Loss Prevention Concepts PDF
- Data Loss Prevention: The Business Case PDF
- Data Loss Prevention: The Business Case PDF
Summary
This chapter discusses data loss prevention concepts, focusing on Windows Information Protection (WIP). WIP is a data loss prevention capability designed to protect local data at rest on endpoint devices, securing business data only on approved devices and within approved applications. The chapter also touches on endpoint data loss prevention and its use with sensitivity labels.
Full Transcript
Certified Cybersecurity Technician Exam 212-82 Data Security DLP Solution:...
Certified Cybersecurity Technician Exam 212-82 Data Security DLP Solution: Windows Information Protection (WIP) O Windows Information Protection (WIP) has an endpoint data loss prevention (DLP) capability that can be helpful in protecting local data at rest on endpoint devices O WIP can be configured to store business data only on approved devices / within approved applications Endpoint data loss prevention 7N New sensitivity label capabiliies Currently, you can only set up endpoint DLP capabil (WiF). DLP settings for offered by Windows Information Protection (WIP). \Q! (oD R —y Office 163 363 apps will be avalable s00n. 500N Learn how endpomt endpoimt DLP works woeks with wih sensitrity labels Endpoint data loss prevention © Name & description @ o - = When Hes that have this Isbel applied are stored on Windows devices, endpaint DUP wil help protect against data leaks — = There aro prerequestes for fuly fully implementing endpont data loss preventian for Isbelled content. Learn about these @ tenaryption enaryption plevequitites prevequisites B Apply endpoint DLP to fles with this label appled. @ Content marking | Copyright © by [ L. All Rights Reserved. Reproduction sis Strictly Prohibited Prohibited. DLP Solution: Windows Information Protection (WIP) Windows Information Protection (WIP) has an endpoint DLP capability that can be helpful for protecting local data at rest on endpoint devices. WIP can be configured to store business data only on approved devices/within approved applications. If the user creates a file on a Windows 10 device, the Windows Defender ATP evaluates its content for sensitive or customized information. In case of file matches, Windows Defender ATP applies DLP at its endpoints. For data discovery, Windows Defender ATP integrates with Azure Information Protection (AIP) and reports the detected sensitive data. Files with sensitive information and sensitivity labels are aggregated by AIP. Advantages of WIP: = As WIP separates corporate and personal data, there is no need for an employee to switch the applications or environments. = |t reinforces the data protection for existing line-of-business applications. = WIP can remove the corporate data from Intune MDM enrolled devices. = For For configuration, deployment, and management, WIP integrates with Microsoft Intune, System Center Configuration Manager, or the current mobile device management. Module 15 Page 1916 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Data Security Endpoint data loss prevention New sensitivity label Currently, you can only set up endpoint DLP capabilities offered by Windows Information Protection (WIP). DLP settings for Office 365 apps will be available soon. Learn how endpoint DLP works with sensitivity labels Endpoint data lossp @ oon @ Name s& description When files that have this label applied are stored on Windows devices, endpoint DLP will help protect against data leaks There are prerequi for fully impl, J dpoint L data loss prevention for labelled content. Learn about these. Encryption pretequisites = Apply endpoint DLP to files with this label applied @ content marking v| |I I [ [ e Auto labeling Review your settings Figure 15.102: Screenshot of WIP Module 15 Page 1917 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Data Security DLP Solutions MvDLP MyDLP allows the user to monitor, inspect, and prevent all outgoing £ confidential data without any hassle IFomeon owien «o VA iettasians o Wit o VEgrttcntan - C (x et 1000104 | | \ Tnterprive Edition © Install Policy #X [g Symantec Data Loss Prevention Y D LP e T https://www.symantec.com Dasnbosnt Dasnbosr Paly Patky Oofects Oofecty fenngs Senngs | Logs Logy | Endpomes Raviviony Rt viony «< Add Rule Ioieman Ieieman 38 3o Q Chanewt Chanoal Sources Gestinations Oestinations Informaton Types Iformaton Action @ SecureTrust Data Loss Prevention Oueaves Asest eOucoon o £y [ & v ot B (e o, — % | https://www.securetrust.com $700 = i : o | P {é} McAfee Total Protection https://www.mcafee.com Check Point Data Loss Prevention https://www.checkpoint.com T i + Add Rule Digital Guardian Endpoint DLP a0 To e T T T Y'Y Ty @ hitps://digitalguardian.com https://digitalguardian.com htps//mydip.com Copyright © by All Rights Reserved. ReproductionIs Strictly Prohibited. DLP Solutions = MyDLP Source: https://mydip.com MyDLP is a free and open-source solution that allows organizations to secure confidential data. The supported data inspection channels include web, email, instant messaging, printers, removable storage devices, screenshots, etc. MyDLP allows the user to monitor, inspect, and prevent all outgoing confidential data without any hassle. With its painless deployment and configuration, an easy-to-use policy interface, and great performance, IT administrators and security officers are able to effectively combat data leakage. Module 15 Page 1918 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Data Security F o oo wova e s O N -~~~ - -~o~ = €- C (%(xpuet/1000104 puet//1000.104 M Y v M Y a DD I-P Edition Enterprise Edition L P Enterprise £ Install Policy ¥ Install Policy #X #X ‘ v Logoedinin asas mydlp Logped