Data-loss prevention

Data Loss Prevention (DLP) can stop unencrypted sensitive and personally identifiable information (PII) from inadvertently leaving the company. It cannot scan encrypted data. There are two separate ways it can prevent data loss:

  • USB flash drive: DLP can be set up on a file server to prevent data being copied onto a USB flash drive.
  • Email: Templates can be set up with regular expressions to stop data being sent out in email format.


An auditor has found that the credit card details of customers have been sent out of the company by email, and this needs to be prevented in the future. The company only accepts VISA, Mastercard, and American Express.

The solution would be to set up a DLP template with the regular ...

Get CompTIA Security+ Certification Guide now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.