nerdexam
(ISC)2

CISSP · Question #600

Which of the following MUST be considered when developing business rules for a data loss prevention (DLP) solution?

The correct answer is B. Data sensitivity. A data loss prevention (DLP) solution is a system that monitors, detects, and prevents the unauthorized access, use, or transfer of sensitive data. A DLP solution relies on business rules to define what constitutes sensitive data and what actions are allowed or prohibited for the

Submitted by khalil_dz· Mar 5, 2026Asset Security

Question

Which of the following MUST be considered when developing business rules for a data loss prevention (DLP) solution?

Options

  • AData availability
  • BData sensitivity
  • CData ownership
  • DData integrity

How the community answered

(43 responses)
  • A
    5% (2)
  • B
    91% (39)
  • C
    2% (1)
  • D
    2% (1)

Explanation

A data loss prevention (DLP) solution is a system that monitors, detects, and prevents the unauthorized access, use, or transfer of sensitive data. A DLP solution relies on business rules to define what constitutes sensitive data and what actions are allowed or prohibited for the data. Therefore, one of the factors that must be considered when developing business rules for a DLP solution is data sensitivity. Data sensitivity is the degree to which the data is confidential, valuable, or critical to the organization or its stakeholders. Data sensitivity determines the level of protection and control that the data requires, and the potential impact or risk of data loss. Data availability, data ownership, and data integrity are also important factors for data security, but they are not specific to DLP solutions.

Topics

#DLP#Data sensitivity#Data classification#Data protection

Community Discussion

No community discussion yet for this question.

Full CISSP Practice