Question

An organization is reviewing endpoint security solutions. In evaluating products, the organization has the following requirements:

1. Support server, laptop, and desktop infrastructure
2. Due to limited security resources, implement active protection capabilities
3. Provide users with the ability to self-service classify information and apply policies
4. Protect data-at-rest and data-in-use

Which of the following endpoint capabilities would BEST meet the above requirements? (Choose two.)

A. Data loss prevention
B. Application whitelisting
C. Endpoint detect and respond
D. Rights management
E. Log monitoring
F. Antivirus

Answer 1

The best endpoint security capabilities that meet the organization's requirements are Data Loss Prevention to secure data at rest and in use, and Rights Management for allowing user-driven information classification and policy application.

Step-by-step explanation:

In evaluating products that best meet the organization's requirements for endpoint security solutions, the two capabilities that stand out are Data Loss Prevention (DLP) and Rights Management. DLP solutions are essential for protecting sensitive data both at rest and in use, ensuring that inadvertent leaks of data outside corporate walls are minimized or prevented entirely. This addresses the need to protect data in different states while providing active protection capabilities. Rights Management allows users to self-service classify information and apply security policies to documents and emails, which aligns with the requirement for user self-service capabilities. Both DLP and Rights Management contribute to safeguarding the information within the organization's infrastructure of servers, laptops, and desktops.

While other options like Antivirus and Endpoint Detect and Respond provide important security layers, they do not specifically address the need for user-driven classification and policy application or have a primary focus on data protection which is central to the organization's needs.