Which of the following is the MOST reliable way for an IS auditor to evaluate the operational effectiveness of an organization's data loss prevention (DLP) controls?
A.
Conduct interviews to identify possible data protection vulnerabilities.
B.
Verify that confidential files cannot be transmitted to a personal USB device.
C.
Verify that current DLP software is installed on all computer systems.
D.
Review data classification levels based on industry best practice
While verifying the installation of DLP software on all computer systems (option C) is important, it does not directly assess the functionality or effectiveness of the DLP controls in preventing data loss incidents. Testing specific functionalities, such as preventing data transfers to USB devices, provides more direct evidence of the operational effectiveness of the DLP controls.
D is the right answer. Review data classification levels based on industry best practice
upvoted 3 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
starzuu
Highly Voted 1 year, 3 months agoPurpleParrot
Most Recent 3 months, 2 weeks agoInfysenthil
4 months, 2 weeks agoSwallows
5 months, 1 week agoshalota2
5 months, 3 weeks ago001Yogesh
11 months, 1 week agoChaBum
8 months, 2 weeks ago3008
11 months, 4 weeks agoChaBum
8 months, 2 weeks agoNotJamesCharles
11 months, 2 weeks agoStaanlee
1 year, 11 months ago