ExamGecko
Search Search Login
Home Home / Isaca / CISA
Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which of the following is the BEST indicator of the effectiveness of an organization's incident response program?
Which of the following is the BEST way to ensure that an application is performing according to its specifications?
An IS auditor is reviewing a client's outsourced payroll system to assess whether the financial audit team can rely on the application. Which of the following findings would be the auditor's GREATEST concern?
Which of the following poses the GREATEST risk to the use of active RFID tags?
The FIRST step in an incident response plan is to:
An IS audit manager was temporarily tasked with supervising a project manager assigned to the organization's payroll application upgrade. Upon returning to the audit department, the audit manager has been asked to perform an audit to validate the implementation of the payroll application. The audit manager is the only one in the audit department with IT project management experience. What is the BEST course of action?
Which of the following is the BEST control lo mitigate attacks that redirect Internet traffic to an unauthorized website?
Which of the following is the BEST way for an IS auditor to assess the design of an automated application control?
Which of the following is MOST appropriate to prevent unauthorized retrieval of confidential information stored in a business application system?
Which of the following findings from a database security audit presents the GREATEST risk of critical security exposures?

Question 1012 - CISA discussion

Report
Export

Which of the following should be the FIRST step when developing a data loss prevention (DLP) solution for a large organization?

A.
Conduct a data inventory and classification exercise.
Answers
A.
Conduct a data inventory and classification exercise.
B.
Identify approved data workflows across the enterprise_
Answers
B.
Identify approved data workflows across the enterprise_
C.
Conduct a threat analysis against sensitive data usage.
Answers
C.
Conduct a threat analysis against sensitive data usage.
D.
Create the DLP policies and templates
Answers
D.
Create the DLP policies and templates
Suggested answer: A

Explanation:

The first step when developing a DLP solution for a large organization is to conduct a data inventory and classification exercise.This step involves identifying and locating all the data assets that the organization owns, generates, or handles, and assigning them to different categories based on their sensitivity, value, and regulatory requirements1.Data inventory and classification is essential for DLP because it helps to determine the scope and objectives of the DLP solution, as well as the appropriate level of protection and monitoring for each data category2.Data inventory and classification also enables the organization to prioritize its DLP efforts based on the risk and impact of data loss or leakage3.

Option B is not correct because identifying approved data workflows across the enterprise is a subsequent step after conducting data inventory and classification.Data workflows are the processes and channels through which data are created, stored, accessed, shared, or transmitted within or outside the organization4.Identifying approved data workflows helps to define the normal and legitimate use of data, as well as to detect and prevent unauthorized or anomalous data activities5. However, before identifying approved data workflows, the organization needs to know what data it has and how it should be classified.

Option C is not correct because conducting a threat analysis against sensitive data usage is another subsequent step after conducting data inventory and classification. Threat analysis is the process of identifying and assessing the potential sources, methods, and impacts of data loss or leakage incidents. Threat analysis helps to design and implement effective DLP controls and countermeasures based on the risk profile of each data category. However, before conducting threat analysis, the organization needs to know what data it has and how it should be classified.

Option D is not correct because creating the DLP policies and templates is the final step after conducting data inventory and classification, identifying approved data workflows, and conducting threat analysis. DLP policies and templates are the rules and configurations that specify how the DLP solution should monitor, detect, report, and respond to data loss or leakage events. DLP policies and templates should be aligned with the organization's business needs, regulatory obligations, and risk appetite. However, before creating the DLP policies and templates, the organization needs to know what data it has, how it should be classified, how it should be used, and what threats it faces.

Data Inventory & Classification: The First Step in Data Protection1

Data Classification: What It Is And Why You Need It2

How to Prioritize Your Data Loss Prevention Strategy in 20203

What Is Data Workflow?Definition & Examples4

How to Identify Data Workflows for Your Business5

Threat Analysis: A Comprehensive Guide for Beginners

How to Conduct a Threat Assessment for Your Business

What Is Data Loss Prevention (DLP)? Definition & Examples

How to Create Effective Data Loss Prevention Policies

Show Answer
asked 18/09/2024
Jose Ortuondo Arambalza
42 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms