Endpoint Security Solutions

CD.

The two endpoint capabilities that would best meet the organization's requirements are:

A. Data loss prevention (DLP) and D. Rights management (RM).

1. Support server, laptop, and desktop infrastructure: DLP and RM solutions are designed to protect data on all endpoints, including servers, laptops, and desktops.

2. Due to limited security resources, implement active protection capabilities: DLP and RM solutions both provide active protection capabilities, allowing for the prevention of data breaches in real-time.

3. Provide users with the ability to self-service classify information and apply policies: RM solutions can enable users to classify data and apply policies to it, ensuring that sensitive information is protected from unauthorized access. DLP solutions can also provide this capability by allowing users to tag sensitive data and apply appropriate policies.

4. Protect data-at-rest and data-in-use: Both DLP and RM solutions can protect data-at-rest and data-in-use by applying appropriate policies and encryption techniques.

B. Application whitelisting (AW), Endpoint detect and respond (EDR), and Log monitoring (LM) do not fully meet the organization's requirements:

• AW is a security practice that permits only approved applications to run on a system, but it does not provide data protection or self-service classification capabilities.
• EDR is designed to detect and respond to endpoint threats, but it does not provide data protection or self-service classification capabilities.
• LM is used for monitoring system logs and events, but it does not provide data protection or self-service classification capabilities.

F. Antivirus (AV) is a security solution that detects and removes malware from systems, but it does not provide data protection or self-service classification capabilities.

Therefore, DLP and RM solutions would be the best endpoint capabilities to meet the organization's requirements.