LAB 4.6-C Tier 1: In-Browser Obj 4.6 · intermediate · ~15min

DLP Policy Configuration

Configure data loss prevention rules for an organization’s data classification scheme, then test your ruleset against realistic scenarios. Balance security against business function — overly aggressive rules block critical workflows, while gaps leak sensitive data.

What You’ll Practice

  • Building a DLP (Data Loss Prevention) ruleset across four categories: content patterns, data labels, endpoint controls, and network controls
  • Choosing appropriate enforcement actions (Block, Encrypt, Log, Allow) based on data sensitivity and business context
  • Evaluating your configuration against test scenarios that expose false negatives (data leaks) and false positives (blocked business)
  • Understanding the tradeoff between aggressive security policies and operational friction

How the Exam Tests This

Objective 4.6 covers modifying enterprise capabilities to enhance security, including DLP (Data Loss Prevention, which prevents unauthorized data exfiltration) as a key control. CompTIA tests whether you can identify appropriate DLP configurations for specific data types (PII, personally identifiable information; PHI, protected health information under HIPAA; PCI), understand content inspection patterns, and recognize when DLP rules need refinement. Expect scenario-based questions where a DLP rule either fails to catch sensitive data or blocks a legitimate business process.

Scoring

Your DLP configuration is tested against 8 realistic scenarios. Each is scored as correct action, false negative (data leaked that should have been blocked), or false positive (legitimate business blocked). Final score reflects both your detection rate and your false positive rate: perfect security that breaks the business isn’t the answer.
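
The scoring idea above, as an added example that is not the lab's own code: a small evaluator that runs a naive and a tuned content-pattern ruleset over the same events and tallies correct actions, false negatives and false positives. The rulesets, channel names, labels, sample events and expected actions are all constructed for illustration.

```python
import re

SEVERITY = {"Allow": 0, "Log": 1, "Encrypt": 2, "Block": 3}

def luhn_ok(digits):
    """Luhn checksum used by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * (2 if i % 2 else 1)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def has_card(text):
    """Tolerate spaces/dashes between digits, then require a valid checksum."""
    for m in re.finditer(r"\b(?:\d[ -]?){13,19}\b", text):
        if luhn_ok(re.sub(r"\D", "", m.group())):
            return True
    return False

external = lambda e: e["channel"] == "email_external"

# Constructed rulesets: (predicate, action) pairs.
NAIVE = [(lambda e: external(e) and re.search(r"\d{16}", e["text"]), "Block")]
TUNED = [
    (lambda e: external(e) and has_card(e["text"]), "Block"),
    (lambda e: external(e) and e["label"] == "Confidential", "Encrypt"),
]

# Constructed events; "expected" is the action a reviewer would want.
EVENTS = [
    {"channel": "email_external", "label": "Public", "text": "Card 4111 1111 1111 1111 exp 12/30", "expected": "Block"},
    {"channel": "email_external", "label": "Public", "text": "Tracking no. 1234567890123456", "expected": "Allow"},
    {"channel": "email_external", "label": "Confidential", "text": "Q3 forecast attached", "expected": "Encrypt"},
    {"channel": "email_internal", "label": "Confidential", "text": "Q3 forecast attached", "expected": "Allow"},
]

def decide(event, rules):
    """Strictest action among matching rules; Allow when nothing matches."""
    hits = [action for pred, action in rules if pred(event)]
    return max(hits, key=SEVERITY.get, default="Allow")

def score(events, rules):
    # Weaker than expected = false negative; stricter = false positive.
    tally = {"correct": 0, "false_negative": 0, "false_positive": 0}
    for ev in events:
        diff = SEVERITY[decide(ev, rules)] - SEVERITY[ev["expected"]]
        key = "correct" if diff == 0 else "false_negative" if diff < 0 else "false_positive"
        tally[key] += 1
    return tally
```

Calling score(EVENTS, NAIVE) and score(EVENTS, TUNED) shows how the bare 16-digit pattern both misses the spaced card number and blocks the tracking number, while the checksum-validated pattern does neither.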

MISSION

Configure a DLP policy for a real organization, then watch it get tested against realistic scenarios.

Too permissive and data leaks. Too aggressive and business grinds to a halt. Find the balance.

HOW IT WORKS

Phase 1: Enable and configure DLP rules across content patterns, data labels, endpoint controls, and network controls.

Phase 2: 8 test scenarios run through your ruleset. See where your config catches threats and where it fails — or blocks legitimate business.

RULE CATEGORIES

CONTENT PATTERNS
DATA LABELS
ENDPOINT CONTROLS
NETWORK CONTROLS
Randomized organization scenario · 14 rules · 8 test events · ~15 minutes