If a system blocks data movement based on classification levels, which feature is being used?

• A. Dictionary
• B. Quarantine
• C. RDP Blocking
• D. Classification-Based Data Blocking

Answer: (D)

Blocking data movement based on classification levels is a data loss prevention control that uses data classification tags to enforce how information can be moved. When data is labeled with a classification (such as public, internal, confidential, or restricted) and a policy specifies that transfers of certain classifications are blocked, the system enforces that policy automatically. This approach, driven by the data’s classification, is what we call classification-based data blocking.

This sits squarely in the realm of DLP and data governance, where the label on the data determines the allowed actions across endpoints, networks, and cloud services. The other options operate on different criteria: a dictionary approach blocks based on keywords found in content rather than the data’s classification level; quarantine isolates files or devices based on risk, not classification-driven transfer rules; and RDP blocking restricts remote desktop access, which is a network control unrelated to classifying and blocking data movements.