You need to protect documents that contain credit card numbers from being opened by users outside your company. The solution must ensure that users at your company can open the documents. What should you use?
but why sensitivity label isn't a valid option? you can configure your label to apply encryption and grant permission to view only to members of your organization. if you want to prevent people outside the org to OPEN the file, sensitivity label is valid, if you want to prevent people to SHARE outside the org (which may lead to prevent to be opened of course), DLP is valid.
this question is trickier than people are arguing.
sensitivity labels are encrypting the document but not checking if SIT's are used. The only way is DLP Rule which block's external out of indicators of the SIT's
prevent ... from being opened by users outside your company. If it had said prevent from being shared with external users, I would have picked DLP. This question is focused on the function of each technology. Sensitivity Label is what you use to prevent external users from opening files irrespective of how they got the file.
Correct Answer: B. A sensitivity label
Reasoning:
Sensitivity labels can encrypt documents, control access, and ensure that only internal users are authorized to open sensitive files, such as those containing credit card numbers. This directly addresses the requirement to prevent external users from opening the documents while allowing internal users to do so.
Here the question has mention "You need to protect documents that contain credit card numbers "FROM BEING OPENED" by users outside your company." So, it is not asking to restrict sharing, hence, DLP can't be the answer. This can only be done using a Sensitive label > Add CCN as SIT > Include All users in your org. So, wherever the file resides, or travels, only internal users can access the document. And that's the reason organization applies encryption and access control. So, answer is B.
I would rather go with Sensitivity label, because of opening the file by outsiders. But it requires Auto-labeling and the sensitivity label needs to encrypt the file
The questions says you need to "protect documents that contain credit card numbers from being opened by users outside your company". It does not say that you need to "prevent documents that contain credit card numbers from shared with users outside your company".
Prevention is done with DLP.
Protection is done with sensitivity labels.
The answer is B.
DLP for sure- allows you to define rules that detect sensitive information like credit card numbers and then restrict access or actions based on those rules
why "sensitivity label" isn't an option in this case? if you configure your label to encrypt files and apply permissions to view only to members of your organization it would work, once the question is about to "prevent to be OPENED by people outside your org".
if the file is labeled this way it can't be opened.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Browniez
Highly Voted 3 years, 5 months agoAbhishek1610
Highly Voted 2 years, 3 months agofimbulvetrk
2 years, 3 months agoKuteron
4 months, 3 weeks agoTest90
Most Recent 6 days, 13 hours agoJideakin
1 week agoHardeWerker433
1 month, 2 weeks agoSneakyBD
5 months agoBoeroe
5 months, 1 week agoIndigoRabbit
7 months agoRAJRYB
8 months, 2 weeks agoChrisBaird
9 months, 1 week agoAmin4799
10 months, 1 week agoBewiseExams
11 months, 3 weeks agoDavidf
1 year, 7 months agoT3st3r
1 year, 10 months agoxswe
1 year, 11 months agofimbulvetrk
2 years, 3 months agoluissaro
1 year, 11 months agoAbhishek1610
2 years, 3 months ago