This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
An organization wants to reduce data loss during everyday collaboration without assuming malicious intent. Which situation best reflects the type of data loss scenarios data loss prevention (DLP) is most often used to address?
A user intentionally stealing data for personal gain.
Sensitive information being shared accidentally during normal work.
Unauthorized access caused by a misconfigured network firewall.
When DLP evaluates whether an action puts data at risk, which combination of signals is most important?
The sensitivity of the data, the context of the action, and what is being done with the data.
Where the data is stored and how long it has existed.
The user's department and license level.
Why should planning DLP policies be treated as a design exercise rather than a configuration task?
Because DLP policies require custom scripting before they can be enforced.
Because planning focuses on risk, scope, and how policies affect real work.
Because policies behave the same way across all locations.
An organization wants to understand how a DLP policy would behave without interrupting users. What approach best supports this goal?
Enable the policy with blocking actions for a small pilot group.
Apply the policy only to low-risk data types.
Run the policy in simulation mode and review the results.
When should advanced DLP controls be considered?
When basic DLP controls clearly fail to protect any sensitive data.
When adding behavioral context clearly improves enforcement decisions.
When an organization wants to enable every available DLP feature.
You must answer all questions before checking your work.
Was this page helpful?
Need help with this topic?
Want to try using Ask Learn to clarify or guide you through this topic?