Which of the following are Data Loss Prevention (DLP) strategies that address data in transit issues?
(Select TWO).
A.
Scanning printing of documents.
B.
Scanning of outbound IM (Instance Messaging).
C.
Scanning copying of documents to USB.
D.
Scanning of SharePoint document library.
E.
Scanning of shared drives.
F.
Scanning of HTTP user traffic.
Explanation:
DLP systems monitor the contents of systems (workstations, servers, networks) to make sure key content
is not deleted or removed. They also monitor who is using the data (looking for unauthorized access) and
transmitting the data. Outbound IM and HTTP user traffic refers to data over a network which falls within
the DLP strategy.
Incorrect Answers:
A: Printing of documents will not necessarily result in data loss since it is a hard copy of the soft copy that
is already there.
C: Copying documents to USB amounts to duplicating data.
D: A SharePoint document Library is a list of the documents and not the data itself. This is not a data in
transit issue
E: Shared drive scanning is not data in transit.Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis,
2014, pp. 236-237, 364
I really think the correct answers are B and C.
0
0
The main point is that we are dealing with data in “transit.”
** Data in transit, or data in motion, is data actively moving from one location to another such as across the internet or through a private network. Data protection in transit is the protection of this data while it’s traveling from network to network or being transferred from a local storage device to a cloud storage device – wherever data is moving, effective data protection measures for in transit data are critical as data is often considered less secure while in motion.
** Data at rest is data that is not actively moving from device to device or network to network such as data stored on a hard drive, laptop, flash drive, or archived/stored in some other way. Data protection at rest aims to secure inactive data stored on any device or network. While data at rest is sometimes considered to be less vulnerable than data in transit, attackers often find data at rest a more valuable target than data in motion. The risk profile for data in transit or data at rest depends on the security measures that are in place to secure data in either state.
When coping data from an HDD (data at rest) to an USB (data at rest) does not change the state of the data which remains at rest throughout
The actual copying mechanism cannot be construed to be data in transit.
For data to be in transit in its purest forms, it has to leave one environment/domain and reach another through the 7 ISO network layers.
Copying data to an USB does not do that.
So the answers are:
B. Scanning of outbound IM (Instance Messaging). (data in transit)
F. Scanning of HTTP user traffic. (data in transit)
Answers: A, C, D and E or pertain to data at rest
0
0