Question 61: To advance security policies in cloud environments and improve visibility into cloud usage with log analysis, DLP tools should integrate with which of the following?
A. Cloud compliance checklist
C. Container orchestration platform
Correct Answer: B. CASB
Organizations can address data security challenges in the cloud by integrating a CASB into the DLP strategy. This enables greater visibility into cloud usage and extends security policy enforcement across complex cloud environments.
Question 62: Which of the following is the most important aspect in determining DLP readiness before deploying?
A. Choosing a vendor
B. Focusing on DLP limitations in extreme cases
C. Identifying data it is designed to protect
D. Relying on DLP as an infallible security control
Correct Answer: C. Identifying data it is designed to protect
The most simple yet significant aspect of ensuring DLP effectiveness is determining what data to protect and where that data resides. DLP works best when the data has a defined pattern, location or source.
Question 63: How do DLP tools help organizations maintain data privacy compliance?
A. DLP software provides templates for compliance with certain regulations.
B. DLP systems log alerts and/or prevent sensitive data from being sent outside the organization.
C. Both of the above
D. None of the above
Correct Answer: C. Both of the above
By providing templates for compliance with mandates such as HIPAA and by logging and/or preventing sensitive data from being sent externally, DLP can significantly aid compliance efforts as part of an enterprise data privacy framework.
Question 64: DLP products can be categorized into which of the following two deployment models?
A. Zero trust and cloud-based
B. Cloud-based and agent-based
C. Network-based and agent-based
D. None of the above
Correct Answer: C. Network-based and agent-based
When choosing a DLP product, security leaders must decide between network-based and agent-based deployment models.
Question 65: Which of the following is too often considered an afterthought when implementing DLP tools for security?
A. Structured data in databases
B. Unstructured data
C. Account directory data
D. Data in transit
Correct Answer: A. Structured data in databases
To detect weaknesses and improve DLP management, pay special attention to structured data found in databases, which can often be overlooked by IT leaders preoccupied with the risks associated with unstructured data.
Question 66: DLP monitoring channels yield detailed logs that can be used to build which of the following?
A. Business email compromise scams
B. Comprehensive user behavior analytics foundation
C. Sophisticated phishing tests
D. Container cluster
Correct Answer: B. Comprehensive user behavior analytics foundation
DLP monitoring channels track client behavior and create a detailed log that can be used to build a comprehensive user behavior analytics foundation.
Question 67: Which of the following was a common obstacle to DLP technology success in the past?
A. Too expensive to license and install
B. Too many false positives
C. Too difficult to set up
D. All of the above
Correct Answer: D. All of the above
In years past, some IT practitioners experienced difficulty with setup or too many false positives, as well as financial barriers, which held them back from successful DLP adoption. New approaches to DLP have improved upon previous setbacks by using cloud technology and incorporating threat intelligence integration.
Question 68: What should teams do before Agile sprint planning and execution?
A. Find a large enough collaboration space
B. Compile a list of necessary QA and dev tools
C. Gather software requirements
D. Host a company-wide air hockey tournament
Correct Answer: C. Gather software requirements
An organization must establish what functionalities and features its end users want from the software development project. Without knowledge of the requirements that Agile teams must meet, it’s difficult — if not impossible — to plan out their work. Don’t put the cart before the horse.
Question 69: What topic falls outside the scope of a well-run daily stand-up meeting?
A. Recently completed tasks
B. Current obstacles
C. Planning out an iteration or sprint
D. What everyone will work on today
Correct Answer: C. Planning out an iteration or sprint
A daily stand-up meeting typically takes no longer than 15 minutes, much too short to plan out an Agile sprint or iteration. Take more time to plan out sprints and gather software requirements — and do that work before the actual iteration or sprint. Limit the scope of daily stand-up meetings to imminent or recent items, such as recently completed tasks, current obstacles and ongoing work.
Question 70: What must the team discuss in a sprint planning meeting?
A. When and how they will deliver backlog items
B. Whether this or an alternative project would deliver more business value
C. Who will be the Scrum master
D. Who on the development team will be on-call during weekends
Correct Answer: A. When and how they will deliver backlog items
Before any sprint, an Agile team determines what work will get done and how. At the end of sprint planning, teams should have a clear understanding of the scope of the next iteration and the yardsticks that will gauge work in progress. The Scrum master, who facilitates teamwork and communication throughout the project, requires training and certification. This role shouldn’t be left up to chance, or a group decision during sprint planning.