An IS auditor finds that an organization's data loss prevention (DLP) system is configured to use vendor default settings to identify violations. The auditor's MAIN concern should be that:
A. violation reports may not be reviewed in a timely manner.
B. violations may not be categorized according to the organization's risk profile.
C. a significant number of false positive violations may be reported.
D. violation reports may not be retained according to the organization's risk profile.
My answer is option B - the violations may not be categorized according to the organization's risk profile. The default settings may not align with the organization's unique risk environment, and as a result, violations may not be given the appropriate level of attention. This could lead to real violations being overlooked or false positives being reported.
The use of vendor default settings for DLP systems can result in violations being categorized in a way that is not aligned with the organization's risk profile. This means that violations may not be prioritized based on the potential impact on the organization, and resources may not be allocated appropriately to manage the risks. This could result in the organization focusing on less significant violations, while more significant ones go unnoticed.
C. a significant number of false positive violations may be reported.
upvoted 2 times
spar2kle
9 months ago
3008
10 months, 2 weeks ago
Changwha
11 months ago