CS0-003 · Question #113
CS0-003 Question #113: Real Exam Question with Answer & Explanation
The correct answer is D: DLP. A CISO seeking a solution to block and track sensitive data based on content and profiles is looking for a Data Loss Prevention (DLP) system.
Question
The Chief Information Security Officer (CISO) of a large financial institution is seeking a solution that will block a predetermined set of data points from being transferred or downloaded by employees. The CISO also wants to track the data assets by name, type, content, or data profile. Which of the following BEST describes what the CIS wants to purchase?
Options
- AAsset tagging
- BSIEM
- CFile integrity monitor
- DDLP
Explanation
A CISO seeking a solution to block and track sensitive data based on content and profiles is looking for a Data Loss Prevention (DLP) system.
Common mistakes.
- A. Asset tagging is used for inventory and physical tracking of assets, not for protecting sensitive data based on its content or preventing its transfer.
- B. A Security Information and Event Management (SIEM) system aggregates and analyzes security logs for threat detection, but it does not inherently block data transfers or classify data by content for prevention.
- C. A File Integrity Monitor (FIM) detects unauthorized changes to files but does not prevent data exfiltration based on data content or profile, nor does it track data assets as described.
Concept tested. Data Loss Prevention (DLP) capabilities
Reference. https://learn.microsoft.com/en-us/microsoft-365/compliance/dlp-learn-about-dlp
Topics
Community Discussion
No community discussion yet for this question.