nerdexam
(ISC)2

CISSP · Question #994

Which of the following is a benefit of implementing data-in-use controls?

The correct answer is B. When the data is being viewed, it can only be printed by authorized users.. Data-in-use controls protect sensitive information while it is actively being processed or viewed, preventing unauthorized actions on that data.

Submitted by fernanda_arg· Mar 5, 2026Asset Security

Question

Which of the following is a benefit of implementing data-in-use controls?

Options

  • AIf the data is lost, it must be decrypted to be opened.
  • BWhen the data is being viewed, it can only be printed by authorized users.
  • CWhen the data is being viewed, it can be accessed using secure protocols.
  • DIf the data is lost, it may not be accessible to unauthorized users.

How the community answered

(31 responses)
  • A
    10% (3)
  • B
    81% (25)
  • C
    6% (2)
  • D
    3% (1)

Why each option

Data-in-use controls protect sensitive information while it is actively being processed or viewed, preventing unauthorized actions on that data.

AIf the data is lost, it must be decrypted to be opened.

This describes a benefit of data-at-rest encryption, which protects data when it is stored and not actively being processed, rather than data-in-use.

BWhen the data is being viewed, it can only be printed by authorized users.Correct

Data-in-use controls are security measures designed to protect sensitive information while it is actively being processed, viewed, or manipulated by users. A primary benefit is the ability to enforce granular restrictions, such as preventing unauthorized printing, copying, or forwarding of data, even after legitimate access has been granted, often through solutions like Data Loss Prevention (DLP) or Information Rights Management (IRM).

CWhen the data is being viewed, it can be accessed using secure protocols.

Accessing data using secure protocols primarily addresses data-in-transit security, ensuring confidentiality and integrity during transmission, not controls over actions taken on the data once viewed.

DIf the data is lost, it may not be accessible to unauthorized users.

This refers to the benefits of data-at-rest encryption or general data loss prevention (DLP) for data that is stored or has been lost, not controls specifically applied while data is actively in use.

Concept tested: Data-in-use security and controls

Source: https://learn.microsoft.com/en-us/purview/dlp-learn-about

Topics

#data-in-use#data protection#DLP#access control

Community Discussion

No community discussion yet for this question.

Full CISSP Practice