DLP Lab

Last updated 1 day ago

Product Chosen: Symantec DLP (Broadcom) Lab Task: Create a policy to prevent the transfer of sensitive data via email.

Configure Symantec DLP to detect and block emails containing sensitive data, such as credit card numbers, from leaving the organization.

Request a trial from the .
Log into the Symantec DLP Enforce console.
Create a new policy:
- Go to Manage > Policies > Policy List and click New Policy.
- Name: "Block Sensitive Email".
- Condition: Select "Content Matches Data Identifier" > "Credit Card Number".
- Action: "Block" or "Quarantine".
- Save the policy.
Apply the policy to the email channel:
- Go to System > Agents > Policies and ensure the policy is active for email traffic.
Test the policy:
- Send an email from a monitored account containing a dummy credit card number (e.g., 4111-1111-1111-1111).

Check the DLP incident reports; the email should be blocked or quarantined, and an alert should be logged.

Follow the provided installation guide to deploy the DLP Enforce server (may require a VM or server setup).
Configure the initial settings (e.g., network integration, email server connection) as per the trial instructions.

Create a Symantec DLP policy to detect and block the transfer of files containing credit card numbers to USB drives.

Log into the Symantec DLP Enforce console.
Create the policy:
- Go to Manage > Policies > Policy List and click New Policy.
- Name: "Block USB Credit Card Transfer".
- Condition: Select "Content Matches Data Identifier" > "Credit Card Number".
- Channel: Choose "Endpoint" > "Removable Storage".
- Action: "Block".
- Save the policy.
Deploy to endpoints:
- Go to System > Agents > Policies, apply the policy to the agent group.
Test the policy:
- On an endpoint, attempt to copy a file with a credit card number (e.g., 4111-1111-1111-1111) to a USB drive.

Confirm the transfer is blocked and an incident appears in Incidents > All Incidents.
Check for a block notification on the endpoint.

Last updated 1 day ago

Product Chosen: Symantec DLP (Broadcom) Lab Task: Create a policy to prevent the transfer of sensitive data via email.

Configure Symantec DLP to detect and block emails containing sensitive data, such as credit card numbers, from leaving the organization.

Request a trial from the .
Log into the Symantec DLP Enforce console.
Create a new policy:
- Go to Manage > Policies > Policy List and click New Policy.
- Name: "Block Sensitive Email".
- Condition: Select "Content Matches Data Identifier" > "Credit Card Number".
- Action: "Block" or "Quarantine".
- Save the policy.
Apply the policy to the email channel:
- Go to System > Agents > Policies and ensure the policy is active for email traffic.
Test the policy:
- Send an email from a monitored account containing a dummy credit card number (e.g., 4111-1111-1111-1111).

Check the DLP incident reports; the email should be blocked or quarantined, and an alert should be logged.

Request a trial at .
Follow the provided installation guide to deploy the DLP Enforce server (may require a VM or server setup).
Configure the initial settings (e.g., network integration, email server connection) as per the trial instructions.

Create a Symantec DLP policy to detect and block the transfer of files containing credit card numbers to USB drives.

Log into the Symantec DLP Enforce console.
Create the policy:
- Go to Manage > Policies > Policy List and click New Policy.
- Name: "Block USB Credit Card Transfer".
- Condition: Select "Content Matches Data Identifier" > "Credit Card Number".
- Channel: Choose "Endpoint" > "Removable Storage".
- Action: "Block".
- Save the policy.
Deploy to endpoints:
- Go to System > Agents > Policies, apply the policy to the agent group.
Test the policy:
- On an endpoint, attempt to copy a file with a credit card number (e.g., 4111-1111-1111-1111) to a USB drive.

Confirm the transfer is blocked and an incident appears in Incidents > All Incidents.
Check for a block notification on the endpoint.