Which statement best captures the primary purpose of DLP in networks and endpoints?

Data Loss Prevention focuses on stopping sensitive information from leaving the organization. It watches for data such as personal identifiers, payment data, health information, or confidential files as they move across networks or reside on endpoints, and it enforces policies to prevent that data from being exfiltrated. When a potential leakage is detected, DLP can block the transfer, quarantine the file, or require additional safeguards like encryption or approval. This emphasis on preventing leakage of sensitive data is why preventing exfiltration is the best description of DLP’s primary purpose. It’s not about blocking all traffic, replacing encryption, or eliminating identity verification.