Lab 3b: Machine Learning DLP

Lab 3b: Use Machine-Learning DLP (optional - if you have time)

OVERVIEW

For this lab we will use public available files to prove the ML-based DLP features in certain categories (Payment Cards, Source Code, Screenshots)

Step 1 Review the existing DLP Profile "Corporate-DLP-Profile" and check the below classifiers. Please DO NOT CHANGE the profile.

Step 2 Test the policy by uploading following documents to private OneDrive.

Payment Card: Search the Internet for "Credit Card" -> Bilder/Picture and save a picture to your PC.
Source Code: Search the Internet for "source code example","python script" or copy Perl example "test.pl" which is available in Box folder: [https://app.box.com/s/jpvnd61i9piluld0chh4v6wu00685nz1]
Screenshot: Generate a Screenshot from your PC
Then, upload them all to private OneDrive.

Step 3 Review the associated SkopeIT alerts and the forensic data under Incidents > DLP. Review the details of the alert with the type = DLP. Check the DLP section to understand why the DLP profile has triggered. Click on the link in the "Incident ID" field. The related DLP incident has more details about the trigger reason.

Check the "Violations" section:

Please continue onto the next section.