Question 7

Question

Which of the following should be established FIRST so that data owners can consistently assess the
level of data protection needed across the enterprise?

Accepted Answer

Data classification policy

Leo · Answer

D . You need a data classification policy before anything else or the other controls (risk mgmt, retention, encryption) won’t be consistent. If you haven’t defined what’s confidential, how can owners know what protection is needed? Pretty sure D is the foundation here, but open to pushback.

JackL · Answer

Its B for me, since a data risk management program is how owners learn to assess threats and needed protections. I get the argument for D but risk management feels more actionable. Not 100 percent though, open to other thoughts.

Mason B. · Answer

Yeah, D for sure. You need a data classification policy first or else there's no standard way for data owners to know how sensitive anything is. Everything else like risk management or encryption relies on that baseline. Pretty confident, but if someone thinks B makes more sense let me know.

Sanjay K. · Answer

Option C clear and logical question statement makes this one pretty straightforward.

Zoe · Answer

I don’t think it’s D. B makes more sense to me since having a risk management program helps owners know what threats to look for first. Saw a similar question on a practice test and they went with B. Agree?

📖 About this Domain

🎓 What You Will Learn

🛠️ Skills You Will Build

💡 Top Tips to Prepare

📖 About this Domain

🎓 What You Will Learn

🛠️ Skills You Will Build

💡 Top Tips to Prepare

📖 About this Domain

🎓 What You Will Learn

🛠️ Skills You Will Build

💡 Top Tips to Prepare

📖 About this Domain

🎓 What You Will Learn

🛠️ Skills You Will Build

💡 Top Tips to Prepare

Premium Access Includes

FLASH OFFER

avail 10% DISCOUNT on YOUR PURCHASE