What aspect of DLP focuses on preventing unauthorized data transfers from a single computer or device?

Endpoint-Based DLP focuses on preventing unauthorized data transfers from a single computer or device. This approach involves monitoring and controlling data at the endpoint level, such as on individual laptops, desktops, and mobile devices. By implementing policies and controls directly on the device, organizations can effectively reduce the risk of data loss through unauthorized copying, emailing, or transferring of sensitive information from that specific device.

For instance, endpoint-based solutions can restrict users from using removable storage devices, limit access to specific applications, or monitor data transfers based on predefined policies. This granular control helps ensure that sensitive data does not leave the endpoint without proper authorization.

Other options, such as Network-Based DLP, focus on monitoring traffic across the network to detect and prevent data breaches, which does not target individual devices. Cloud-Based DLP looks at data stored and accessed in the cloud, while Database DLP primarily secures database environments. These approaches may contribute to overall data protection strategies, but they don't specifically address the control requirements for individual devices like Endpoint-Based DLP does.