A data loss prevention (DLP) tool has flagged personally identifiable information (PII) during transmission. Which of the following should the information security manager do FIRST?

A. Validate the scope and impact with the business process owner.

B. Escalate the issue to senior management.

C. Review and validate the rules within the DLP system.

D. Initiate the incident response plan.








 

Suggested Answer: A



This question is in CISM exam 
For getting Certified Information Security Manager Certificate


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by ISACA.
The website does not contain actual questions and answers from ISACA's Certification Exams.
Trademarks, certification & product names are used for reference only and belong to ISACA.