The method of personal data usage in which the users must explicitly decide not to participate.

An organization is always a data controller for its _____________.

Categorise the following statement:
"For an identified data leakage scenario, security team is struggling to configure rules."

Classify the following scenario as major or minor non-conformity.
"The organization defined information access and usage policy and rolled it out across the organization No formal exercise, however, was conducted to prepare the policy During implementation, certain discrepancies came out and these were addressed through appropriate policy revisions though this created a lot of hue and cry in the organization and the policy was criticized for adversely affecting productivity But with appropriate revisions and passage of time, the policy has been accepted In a recently conducted external audit one incident has come to light wherein the usage and access policy has been violated by an employee twice As per the auditor this incident should have been identified by the organization In its explanation to the auditor the management informed that appropriate access and usage monitoring mechanisms have been put in place but admitted that there may have been some lapses".

You want to assure that data is shared securely, particularly with third parties outside the organization. What protocol provides the ability to extend the network perimeter using of encapsulation and encryption?