
Lab 7 – Stopping Data Exfiltration with Endpoint DLP

Lab 7 · ⏱ 25 min · ⚗ Lab Tenant · Read/Write · 👤 Alex + Kevin
Stopping Data Exfiltration with Endpoint DLP

Kevin's file upload to ChatGPT was blocked in Lab 6 by Inline Web DLP. Undeterred, he decides to try a completely different approach — one that bypasses the network proxy entirely. First he tries to open the sensitive file directly in Notepad++. Then, when that fails, he opens it in Word and tries to copy and paste the content instead. Neither the proxy nor the browser can stop these OS-level actions. Only Endpoint DLP can.

💡 Why Endpoint DLP is needed here

Kevin's new attempts happen entirely on the endpoint — no network request, no HTTP POST, no file transfer. The controls that cannot catch these actions are:

  • Inline Web DLP (Lab 6): No network traffic — file access and clipboard never leave the OS
  • Browser DLP (Lab 8): Only covers actions inside the browser
  • Proxy inspection: Proxy can inspect archive files up to 5 levels — but these actions never reach the network

Endpoint DLP operates at the OS layer — intercepting file read attempts and clipboard operations before any data can be extracted, regardless of protocol, application, or network path.


Prerequisite — Install Notepad++ on the Lab VM

Kevin needs a text editor capable of opening any file type. Run this command on the lab VM to install Notepad++:

VM Required

Open PowerShell or Command Prompt on the lab VM and run the following command. Wait for installation to complete before starting Task 1.

winget install Notepad++.Notepad++

Notepad++ is a free, widely used text editor. In this scenario Kevin installs it thinking he can use it to open and read the raw contents of the sensitive payroll document — bypassing Word's document protections.


Task 1 — Block Application File Access to Sensitive Documents

🛡
Alex — Security Administrator
Lab Tenant (Read/Write) — Configuration Mode
You are Alex. Kevin's ChatGPT upload was stopped in Lab 6. Now you need to close the Application File Access channel — ensuring that even if Kevin tries to open a sensitive file directly in an unauthorized application, the OS-level read is blocked before the application receives any data.

🎯 Configure an Application File Access rule, verify the Notepad++ application definition in DLP Resources, push the policy to the endpoint, then confirm Kevin's file open attempt is blocked and logged.

Step 1 — Navigate to Endpoint DLP Policy

Navigate to the Endpoint DLP policy page:

Policies → Data Protection → Endpoint Controls → Data Loss Prevention

Navigate to Endpoint DLP Policy

The policy list will be empty — this is expected. The Lab Tenant starts with no pre-configured Endpoint DLP rules. You will build the first rule from scratch in the steps below.

Step 2 — Navigate to Endpoint DLP Resources

Before creating the AFA rule, review how applications are defined. Navigate to:

Policies → Data Protection → Endpoint Controls → Endpoint DLP Resources

Navigate to Endpoint DLP Resources

Step 3 — Review the Notepad++ Application Definition

In DLP Resources, click the Applications tab and search for notepad. Click the eye icon to view the Notepad++ (Windows) definition.

Notepad++ Windows Application definition in DLP Resources

  • Name: Notepad++ (Windows)
  • Original File Name: notepad++.exe
  • File Name: Notepad++.exe
  • Digitally Signed: Yes
  • Application Type: Well Known

Application definitions use Original File Name + File Name + Digital Signature to uniquely identify an application. The digital signature check ensures the policy applies to the genuine Notepad++ binary — a renamed or unsigned copy would not match.

💡 Facilitator Notes

Point out the Digitally Signed = Yes criterion — this prevents a simple evasion where Kevin renames another executable to notepad++.exe. The policy targets the signed binary, not just the filename. Ask the group: how would you extend this to block any application, not just Notepad++?
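To make the three matching criteria concrete for the group, the following PowerShell function is an added illustration (not code from this lab or from the Zscaler agent) that applies File Name, Original File Name and Authenticode signature checks to a binary on the lab VM. The Notepad++ install path is assumed to be the winget default, and the renamed-copy scenario at the end is constructed to mirror the facilitator note.

```powershell
# Added example, not part of the lab or the Zscaler product: applies the
# three criteria from the Notepad++ (Windows) application definition to a
# file on disk, so the group can see why a renamed binary does not match.
function Test-AppDefinitionMatch {
    param(
        [Parameter(Mandatory)] [string] $Path,
        [string] $ExpectedFileName     = 'Notepad++.exe',  # File Name in the definition
        [string] $ExpectedOriginalName = 'notepad++.exe',  # Original File Name in the definition
        [bool]   $RequireSigned        = $true             # Digitally Signed = Yes
    )
    $item = Get-Item -LiteralPath $Path

    # Criterion 1: the on-disk file name (case-insensitive).
    $fileNameOk = $item.Name -ieq $ExpectedFileName

    # Criterion 2: OriginalFilename is read from the PE version resource, so
    # renaming the file on disk does not change it.
    $originalName = $item.VersionInfo.OriginalFilename
    $originalOk   = $originalName -ieq $ExpectedOriginalName

    # Criterion 3: Authenticode signature must verify (Status = Valid).
    $sig      = Get-AuthenticodeSignature -FilePath $Path
    $signedOk = (-not $RequireSigned) -or ($sig.Status -eq 'Valid')

    [pscustomobject]@{
        Path             = $Path
        FileNameMatch    = $fileNameOk
        OriginalFileName = $originalName
        OriginalMatch    = $originalOk
        SignatureStatus  = $sig.Status
        Signer           = $sig.SignerCertificate.Subject
        Matches          = $fileNameOk -and $originalOk -and $signedOk
    }
}

# Genuine install (assumed winget default path; adjust if your VM differs).
Test-AppDefinitionMatch -Path 'C:\Program Files\Notepad++\notepad++.exe'

# Constructed evasion scenario from the facilitator note: copy a different
# executable and rename it to Notepad++.exe. File Name now matches and the
# copy may still carry a valid Microsoft signature, but OriginalFilename is
# not notepad++.exe, so the definition does not match.
$fake = Join-Path $env:TEMP 'Notepad++.exe'
Copy-Item "$env:SystemRoot\System32\notepad.exe" $fake -Force
Test-AppDefinitionMatch -Path $fake
Remove-Item $fake -Force
```

Expect Matches = True only for the genuine install; the renamed copy fails on OriginalMatch even though its name and signature status look plausible.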

Step 4 — Create the Application File Access Rule

Navigate back to Endpoint DLP Policy and click + Add DLP Rule:

Policies → Data Protection → Endpoint Controls → Data Loss Prevention → + Add DLP Rule

Application File Access DLP Rule configuration

  • Rule Name: Block Sensitive Data with AFA
  • Channel: Application File Access
  • Applications: Notepad++ (Windows)
  • DLP Engines: DP Project Code
  • Action: Block
  • Rule Status: Enable

Callouts:

  1. Rule Name: Block Sensitive Data with AFA
  2. Channel: Application File Access
  3. Content Matching: Select DLP Engines
  4. DLP Engines: DP Project Code (same engine from Lab 5)
  5. Action: Block
  6. Click Save

Step 5 — Push the Updated Policy to the Endpoint

After saving the rule, the policy must be pushed to the endpoint agent. On the lab VM:

  1. Right-click the Zscaler icon in the system tray
  2. Click Open Zscaler
  3. Navigate to Data Protection
  4. Click Update DLP Policy

ZCC — Update DLP Policy to push new rule to endpoint

Callouts:

  1. ZCC Connectivity: Service Status ON
  2. Right-click ZCC tray icon → Open Zscaler
  3. Click Data Protection
  4. Click Update DLP Policy

💡 Facilitator Notes

The Update DLP Policy step is important — Endpoint DLP rules are enforced by the ZCC agent on the device. Without this step, the new rule exists in the cloud policy but has not been delivered to the endpoint. In production, policies are automatically synced on a schedule, but during the lab we force an immediate update to ensure the rule is active before Kevin's test.


👤
Kevin — End User
Lab Tenant — VM Session
You are Kevin. Your ChatGPT upload was blocked in Lab 6. You decide to try opening the file directly in Notepad++ — thinking you can read the raw content and extract what you need without going through the network at all.

Step 6 — Kevin Attempts to Open the File in Notepad++

Kevin right-clicks Dataparity_Q2_2025_Workforce_Financial_Summary.docx on the desktop and selects Edit with Notepad++.

Kevin right-clicks the sensitive file and selects Edit with Notepad++

The moment Notepad++ attempts to read the file, Application File Access intercepts at the OS layer — before any data reaches the application.

Step 7 — Endpoint DLP Blocks the File Read

Kevin sees two simultaneous events:

Zscaler AFA block notification and Notepad++ cannot open file error

Zscaler block notification:

Blocked: An application opened one or more files that contain potentially sensitive data. This activity was blocked by your organization.

  • File Name: Dataparity_Q2_2025_Workforce_Financial_Summary.docx
  • Destination: notepad++.exe

Notepad++ error dialog:

ERROR — Can not open file C:\Users\Zscaler\Desktop\Dataparity_Q2_2025_Workforce_Financial_Summary.docx

Notepad++ never displayed a single byte. The OS-level block happened before the application received any data.

💡 Facilitator Notes

This is the key contrast with Lab 6. In Lab 6, Kevin tried to send the file over the network — the proxy caught it. Here, Kevin never made a network request. He tried to read a local file using a local application. The only thing that stopped him was the Endpoint DLP agent running on the machine itself.

Ask the group: "If Kevin renamed the file to something innocuous like budget.txt, would the block still fire?" Answer: yes — Application File Access inspects file content, not just the filename.


🛡
Alex — Security Administrator
Lab Tenant — Log Review
You are Alex. Kevin's file open attempt was blocked. Verify the event was captured in Endpoint DLP Insights with Activity Type: File Read.

Step 8 — Navigate to Endpoint DLP Insights

Logs → Insights → Endpoint DLP Insights

Navigate to Endpoint DLP Insights

Callouts:

  1. Click Logs in the top nav
  2. Select Insights
  3. Click Endpoint DLP Insights

Step 9 — Review the AFA Violation Log

Endpoint DLP Insights — Application File Access File Read block log

The log shows 2 Log Records Found — both Application File Access events:

  • Channel: Application File Access
  • Activity Type: File Read
  • Source Type: Local Drive
  • DLP Engine: 5 or more PII Identifiers, AAA, Trad...
  • Destination Name: notepad++.exe
  • Action Taken: Block
  • File Type: docx

Activity Type: File Read is the key differentiator from the Clipboard channel. This tells Alex exactly what Kevin attempted — a direct file read by an unauthorized application — not a network upload or clipboard operation.


Task 2 — Block Clipboard Exfiltration to Local Applications

👤
Kevin — End User
Lab Tenant — VM Session
You are Kevin. Opening the file directly in Notepad++ was blocked. You realise Zscaler is blocking unauthorized applications from reading the file. You decide to use the legitimate application — Microsoft Word — to open the file, then manually copy the sensitive content and paste it into Notepad++ yourself.

🎯 Demonstrate that even when Kevin uses a legitimate application to access the file, Endpoint DLP Clipboard control blocks the paste into an unauthorized destination.

💡 Kevin's Escalation Logic

Kevin's reasoning: "Zscaler blocked Notepad++ from reading the file directly. But Word is allowed to open it — it's the legitimate app for .docx files. If I open it in Word, copy the content, and paste it into Notepad++, maybe the endpoint agent won't catch it."

He's right that Word can open the file — Application File Access doesn't block sanctioned applications. But the Clipboard channel catches the copy/paste at the OS clipboard layer, regardless of which application the content came from.

VM Required

This task must be performed from the lab VM machine. Ensure the Zscaler Client Connector is running before proceeding.

Step 1 — Navigate to Endpoint DLP Policy

The Clipboard rule is already configured. Alex can show the existing rule:

Policies → Data Protection → Endpoint Controls → Data Loss Prevention

Navigate to Endpoint DLP Policy — Clipboard rule visible

The existing Rule 1 — Block Cut and Paste on Public Network shows:

  • Channel: Clipboard
  • Destination Application: Notepad++ (Windows)
  • DLP Engine: DP Project Code
  • Action: Block

Step 2 — Configure the Clipboard DLP Rule

Click the edit icon on Rule 1 to show the full rule configuration:

Clipboard DLP Rule configuration

  • Rule Name: Block Cut_n_Paste Sensitive Data
  • Channel: Clipboard
  • Destination Application: Notepad++ (Windows)
  • DLP Engines: DP Project Code
  • Action: Block

💡 Destination Application Scoping

The Clipboard rule is scoped to Notepad++ (Windows) as the destination. This means paste of sensitive content is blocked specifically when the destination is Notepad++. Setting the destination to Any would block paste of sensitive content into any application on the endpoint — email clients, chat tools, IDE editors, or any other process.

Scoping to a specific application allows a graduated rollout — start with the highest-risk destinations, then expand once the policy is tuned.

Step 3 — Push Updated Policy to Endpoint

After saving the Clipboard rule, push the policy to the endpoint:

ZCC — Update DLP Policy to push Clipboard rule to endpoint

Right-click ZCC tray icon → Open Zscaler → Data Protection → Update DLP Policy


Step 4 — Kevin Opens the Document in Word and Selects Sensitive Content

Kevin opens Dataparity_Q2_2025_Workforce_Financial_Summary.docx in Microsoft Word — which is allowed, as Word is a sanctioned application. He selects the entire document content containing customer names, emails, phone numbers, and SSNs.

Kevin selects sensitive content in the Word document

Kevin presses Ctrl+C to copy. He then opens Notepad++ and attempts Ctrl+V to paste.

Step 5 — Endpoint DLP Blocks the Paste

Instead of pasting, Kevin sees a Zscaler block notification:

Zscaler Clipboard block notification — paste to Notepad++ blocked

Blocked: The copied content contains potentially sensitive data. This activity was blocked by your organization.

  • Destination: notepad++.exe

Notepad++ remains empty — not a single character was pasted.

💡 Facilitator Notes

Ask the group: "Kevin successfully opened the file in Word — so why didn't Application File Access fire?" The answer: Word is a sanctioned application. AFA is scoped to Notepad++. The Clipboard rule catches the extraction attempt at the paste event — a different, lower-level OS operation than a file read.

This is the architectural elegance of Endpoint DLP: multiple channels, each operating at a different OS layer, complementing each other.


🛡
Alex — Security Administrator
Lab Tenant — Log Review
You are Alex. Verify the Clipboard event was captured — and compare its Activity Type to the AFA event from Task 1.

Step 6 — Navigate to Endpoint DLP Insights

Logs → Insights → Endpoint DLP Insights

Navigate to Endpoint DLP Insights

Step 7 — Review the Clipboard Violation Log

Apply filter: Channel = Clipboard → Run Query

Endpoint DLP Insights — Clipboard Paste Text block log

  • Channel: Clipboard
  • Activity Type: Paste Text
  • DLP Engine: DP Project Code
  • Rule Name: Block Cut and Paste on Public N...
  • Action Taken: Block

Compare Activity Type: Paste Text (Task 2) vs Activity Type: File Read (Task 1). Two distinct OS-level events, two different channels, one unified Endpoint DLP Insights log — giving Alex a precise audit trail of exactly what Kevin attempted at each layer.

💡 Key Insight — Lab 7 Complete

Kevin tried two OS-level evasion techniques after his network upload was blocked in Lab 6:

  • Application File Access (Task 1) — tried to open the file directly in Notepad++. Blocked at the file read layer before any data reached the application.
  • Clipboard (Task 2) — opened in Word (allowed), copied content, tried to paste into Notepad++. Blocked at the clipboard paste layer.

Neither attempt generated network traffic. Neither was visible to the proxy. Only Endpoint DLP — running at the OS layer — could intercept them.

In Lab 8, Kevin tries one final approach: staying entirely inside the browser where neither the proxy nor endpoint file/clipboard controls can reach. That is where Browser DLP closes the final gap.

💡 Facilitator Notes

Strong transition to Lab 8: "Kevin has now been blocked via network upload (Lab 6), direct file access (Lab 7 Task 1), and clipboard copy/paste (Lab 7 Task 2). His last idea: stay entirely inside the browser and paste the content directly into a ChatGPT prompt. No file upload, no local app, no clipboard to a non-browser destination. That is Lab 8."


Lab Summary

In this lab:

  1. Alex reviewed the Notepad++ application definition in DLP Resources
  2. Alex created an Application File Access rule using the DP Project Code engine
  3. Alex pushed the updated policy to the endpoint via ZCC → Update DLP Policy
  4. Kevin right-clicked Dataparity_Q2_2025_Workforce_Financial_Summary.docx → Edit with Notepad++ → blocked at OS file read layer
  5. Alex confirmed Activity Type: File Read in Endpoint DLP Insights
  6. Kevin opened the file in Word (allowed), copied sensitive content, attempted to paste into Notepad++ → blocked at OS clipboard layer
  7. Alex confirmed Activity Type: Paste Text in Endpoint DLP Insights — two distinct channels, one unified log

Key Takeaway: Endpoint DLP closes the OS-layer gaps that proxy and browser DLP cannot cover. Application File Access and Clipboard are two complementary channels that together prevent both direct file extraction and content copy/paste exfiltration — entirely off-network.

Zenith Live 2026 · Dataparity
Lab 7 — Endpoint DLP