Symantec Data Loss Prevention (DLP) Practice Test

Data-in-use controls are about stopping data leakage while it’s being used on the endpoint, particularly by preventing copying to or sending data through connected devices. Blocking USB and peripheral devices directly stops the most common exfiltration path—copying data to USB drives, external disks, or other peripherals—so sensitive information can’t leave the device via those channels.

Other options map to different protection approaches: video camera encryption isn’t a standard data-in-use control for preventing leakage through devices, cloud app whitelisting governs where data can go in the cloud rather than via attached hardware, and printer device isolation focuses on printing channels. The USB and peripheral blocking choice targets the typical data-in-use leakage vector most effectively.