To restrict copying files only to a specific set of organization-owned USB drives, which detection method should be used?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Get ready for the Symantec Data Loss Prevention Test with our quizzes. Study with flashcards and multiple choice questions, each with hints and explanations. Prepare effectively for your certification exam!

Multiple Choice

To restrict copying files only to a specific set of organization-owned USB drives, which detection method should be used?

Explanation:
Described Content Matching focuses on the description attached to the data itself to drive enforcement. With DCM, you define a description or metadata for the sensitive content and create a policy that ties that description to allowed handling, such as only permitting copies to a predefined set of organization-owned USB drives. When a copy attempt is made, the DLP system checks the described content against the policy and authorizes the transfer only if the destination matches the approved device list; otherwise, it blocks the action. This approach directly supports device-bound restrictions by using the data’s descriptor to govern where it can go. Hash matching would only block known files based on their exact hash, regardless of the destination. Content discovery identifies where data resides but doesn’t enforce flow restrictions to specific devices. Descriptive file tagging involves tagging data for policy handling but requires additional policy logic to enforce device restrictions; DCM already provides the mechanism to describe data and its allowed destinations within a single enforcement rule.

Described Content Matching focuses on the description attached to the data itself to drive enforcement. With DCM, you define a description or metadata for the sensitive content and create a policy that ties that description to allowed handling, such as only permitting copies to a predefined set of organization-owned USB drives. When a copy attempt is made, the DLP system checks the described content against the policy and authorizes the transfer only if the destination matches the approved device list; otherwise, it blocks the action. This approach directly supports device-bound restrictions by using the data’s descriptor to govern where it can go.

Hash matching would only block known files based on their exact hash, regardless of the destination. Content discovery identifies where data resides but doesn’t enforce flow restrictions to specific devices. Descriptive file tagging involves tagging data for policy handling but requires additional policy logic to enforce device restrictions; DCM already provides the mechanism to describe data and its allowed destinations within a single enforcement rule.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy