nerdexam
Cisco

350-701 · Question #191

A company is experiencing exfiltration of credit card numbers that are not being stored on- premise. The company needs to be able to protect sensitive data throughout the full environment. Which tool

The correct answer is B. Cloudlock. Cisco Cloudlock, a Cloud Access Security Broker (CASB), should be used to protect sensitive data like credit card numbers being exfiltrated from non-on-premise environments.

Submitted by packet_pusher· Mar 30, 2026Cloud Security

Question

A company is experiencing exfiltration of credit card numbers that are not being stored on- premise. The company needs to be able to protect sensitive data throughout the full environment. Which tool should be used to accomplish this goal?

Exhibit

350-701 question #191 exhibit

Options

  • ASecurity Manager
  • BCloudlock
  • CWeb Security Appliance
  • DCisco ISE

How the community answered

(31 responses)
  • A
    13% (4)
  • B
    77% (24)
  • C
    6% (2)
  • D
    3% (1)

Why each option

Cisco Cloudlock, a Cloud Access Security Broker (CASB), should be used to protect sensitive data like credit card numbers being exfiltrated from non-on-premise environments.

ASecurity Manager

Cisco Security Manager is primarily a management platform for Cisco network security devices (e.g., firewalls), not a cloud-native DLP solution.

BCloudlockCorrect

Cisco Cloudlock is a Cloud Access Security Broker (CASB) solution that provides data loss prevention (DLP) capabilities specifically designed for cloud applications and environments. It detects and prevents exfiltration of sensitive data like credit card numbers across various cloud services, thereby protecting data not stored on-premise.

CWeb Security Appliance

A Web Security Appliance (WSA) primarily protects against web-based threats and controls web access, but it is not designed for comprehensive cloud DLP across various SaaS applications.

DCisco ISE

Cisco Identity Services Engine (ISE) is used for network access control (NAC) and policy enforcement for devices connecting to the network, not for preventing data exfiltration in cloud applications.

Concept tested: Cloud Access Security Broker (CASB) for data protection

Source: https://www.cisco.com/c/en/us/products/security/cloudlock/index.html

Topics

#Cloud DLP#CASB#Data exfiltration#Sensitive data protection

Community Discussion

No community discussion yet for this question.

Full 350-701 Practice