
Exam CISSP topic 1 question 95 discussion

Actual exam question from ISC's CISSP
Question #: 95
Topic #: 1

What is the FIRST step that should be considered in a Data Loss Prevention (DLP) program?

  • A. Policy creation
  • B. Information Rights Management (IRM)
  • C. Data classification
  • D. Configuration management (CM)
Suggested Answer: C

Comments

Peterzhang
Highly Voted 2 years, 3 months ago
The C answer is correct. From CBK: Discovery and classification: The first stage of DLP is discovery and classification. Discovery is the process of finding all instances of data, while classification is the act of categorizing that data based on its sensitivity and value to the organization. While you should have classified your data as part of your information asset inventory, many DLP tools are capable of applying signature-based logic that determines the classification of data. In many cases, your existing classification information can be used to “tune” the DLP to know what you consider sensitive. Examples of classifications might include “PCI data” (or “cardholder data”), “Social Security numbers,” “PHI,” and so on. Comprehensive discovery and proper classification is critical to the effectiveness of the remaining stages and to the success of your overall DLP implementation.
upvoted 14 times
sphenixfire
2 years, 2 months ago
Great, thanks.
upvoted 1 times
jackdryan
1 year, 7 months ago
C is correct
upvoted 1 times
...
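As an added illustration (not part of the thread above or of the CBK text it quotes), here is a sketch of the signature-based discovery and classification that the first comment describes: each document is scanned with signatures, and matches are mapped to the classification labels named there. The regular expressions, file names and sample contents are constructed assumptions; only 16-digit card numbers are covered, and "PHI" is left out because it has no simple signature.

```python
import re

# Assumed signatures (constructed for this example, not taken from any DLP product).
CARD_RE = re.compile(r"\b\d{4}([ -]?)\d{4}\1\d{4}\1\d{4}\b")   # 16-digit cards only
SSN_RE = re.compile(r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b")

def luhn_ok(digits: str) -> bool:
    """Luhn checksum: filters out 16-digit strings that cannot be card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def classify(text: str) -> set[str]:
    """Return the classification labels whose signatures match the text."""
    labels = set()
    for match in CARD_RE.finditer(text):
        if luhn_ok(re.sub(r"\D", "", match.group())):
            labels.add("PCI data")
    if SSN_RE.search(text):
        labels.add("Social Security numbers")
    return labels

def discover(documents: dict[str, str]) -> dict[str, set[str]]:
    """Discovery pass: keep only the documents that received at least one label."""
    inventory = {}
    for name, text in documents.items():
        labels = classify(text)
        if labels:
            inventory[name] = labels
    return inventory

# Constructed sample data: a test card number, a placeholder SSN,
# and a 16-digit tracking id that fails the Luhn check.
SAMPLE_DOCS = {
    "orders.csv": "order 1001, card 4111 1111 1111 1111, exp 12/27",
    "hr_notes.txt": "Employee SSN 123-45-6789 on file",
    "tracking.txt": "tracking id 4111 1111 1111 1112",
    "readme.txt": "nothing sensitive here",
}

if __name__ == "__main__":
    for name, labels in discover(SAMPLE_DOCS).items():
        print(name, sorted(labels))
```

The Luhn check is what keeps `tracking.txt` out of the inventory: a pattern match alone would have labelled it as cardholder data.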
Humongous1593
Highly Voted 2 years, 2 months ago
Selected Answer: C
CBK Page 141 as PeterZhang stated word for word.
upvoted 6 times
...
deeden
Most Recent 4 months, 3 weeks ago
Selected Answer: C
Data classification is essential to identify and categorize sensitive data so appropriate DLP policies and controls can be applied effectively. Without understanding what data is sensitive and where it resides, it is challenging to implement effective DLP measures.
upvoted 1 times
...
Ramye
6 months ago
Selected Answer: A
Policy is the first step. You can’t just start classifying data without proper strategy and guidelines. Policy will direct you how the data needs to be classified based on business needs.
upvoted 1 times
...
Vasyamba1
9 months, 1 week ago
Selected Answer: A
First we need a policy that will tell us how data must be categorized. Data classification is just an existence of structure of classes, without the exact categorization process.
upvoted 2 times
...
Bach1968
1 year, 5 months ago
Selected Answer: C
C. Data classification. Data classification involves categorizing and labeling data based on its sensitivity, value, and regulatory requirements. It is a foundational step in a DLP program as it helps organizations understand the types of data they possess, determine their data protection requirements, and prioritize their security efforts accordingly. By classifying data, organizations can identify which data sets are more sensitive or critical and require stricter protection measures. This allows them to focus their resources on implementing appropriate DLP controls and policies to safeguard the classified data effectively. Data classification also aids in streamlining data handling processes, ensuring proper access controls, and facilitating compliance with relevant data protection regulations. Once data is classified, organizations can proceed with subsequent steps in their DLP program, such as policy creation (Option A), information rights management (Option B), and configuration management (Option D), based on the specific needs and goals of their data protection strategy.
upvoted 2 times
...
NageshTiwari
1 year, 8 months ago
C. Data classification. The first step that should be considered in a Data Loss Prevention (DLP) program is data classification. Data classification involves identifying and categorizing data according to its level of sensitivity, value, and importance. This helps to ensure that appropriate security controls and protections are put in place to safeguard the data and prevent it from being lost or stolen. Once data has been classified, the organization can then develop policies and procedures to protect the data based on its classification. Information Rights Management (IRM) and Configuration Management (CM) are both important components of a DLP program, but they come after data classification. In summary, data classification is the foundational step in a DLP program, and it is critical to the success of the program. Without proper data classification, it is difficult to develop effective policies and controls to protect sensitive data from loss or theft.
upvoted 2 times
...
DapengZhang
1 year, 9 months ago
Selected Answer: B
Why is it not B? The 1st thing that needs to be done is to identify who shall be the owner of the data, then create policy and classify the data.
upvoted 1 times
...
Nickname53796
2 years, 2 months ago
Selected Answer: A
…first you need a policy. A policy to say watermark this and that, a policy to say no PII on local machines, etc, whatever policy you want. Then this can enforce that policy
upvoted 4 times
...
The_Black_One
2 years, 2 months ago
The answer should be A - A DLP program seeks to improve information security and protect business information from data breaches. It's not just a tool; it's an approach that combines defined processes, well-informed and trained people, and effective technologies.
upvoted 2 times
Jenkins3mol
7 months, 3 weeks ago
It is the name of a product.
upvoted 1 times
...
...
dev46
2 years, 3 months ago
The question asks about a DLP program. A - policy would include most of the other options
upvoted 2 times
...