Implementing Data Loss Prevention (DLP) | N10-007 Exam Answer

A network administrator wants to ensure sensitive data is not exfiltrated from the system electronically.

Which of the following should be implemented?

A.

DLP

B.

AUP

C.

NDA

D.

SLA.

A.

The best option for the network administrator to implement to ensure sensitive data is not exfiltrated from the system electronically is DLP, which stands for Data Loss Prevention.

DLP is a set of technologies and procedures that are designed to prevent the unauthorized transmission of sensitive information outside of an organization's network. DLP typically involves monitoring network traffic, endpoints, and data repositories to identify and block sensitive data that is being transmitted or accessed by unauthorized users.

DLP can be implemented in several ways, including network-based, endpoint-based, or cloud-based solutions. Network-based DLP solutions typically monitor traffic across the network, while endpoint-based solutions are installed on individual devices to monitor data being accessed or transmitted from those devices. Cloud-based solutions monitor data stored in cloud services to prevent unauthorized access or exfiltration.

In contrast, the other options listed are not directly related to preventing data exfiltration. AUP stands for Acceptable Use Policy, which outlines the acceptable use of company resources such as computer networks, internet, and email. NDA stands for Non-Disclosure Agreement, which is a legal contract that prohibits individuals from disclosing confidential information. SLA stands for Service Level Agreement, which is a contract between a service provider and a customer that outlines the level of service that will be provided. While these policies and agreements can contribute to an organization's overall security posture, they do not directly address the issue of preventing data exfiltration.