Data loss prevention (DLP) is best described as what, and give one example.

• A. Strategies/tools to prevent sensitive data from leaving an organization; example: content scanning on email or USB device control
• B. Data logging performance
• C. Encryption of all data at rest only
• D. Public data sharing policy

Answer: (A)

Data loss prevention focuses on preventing sensitive information from leaving the organization by monitoring, detecting, and blocking data flows across networks, endpoints, and storage. It classifies data (such as PII or financial data) and enforces controls—like blocking, quarantining, or alerting—when an attempt is made to exfiltrate that data. An example is content scanning on email and USB device control, which inspects outbound content and stops or flags transfers of sensitive information. This approach is what distinguishes DLP from other concepts: it isn’t about logging performance, encryption of data at rest, or merely having a public sharing policy—the goal is active protection against data leakage through real-time detection and enforcement.