ISC CC Exam With Confidence Using Practice Dumps

According to NIST SP 800-61, incident response consists of four core phases:Preparation; Detection and Analysis; Containment, Eradication, and Recovery; and Post-Incident Activity. Option A best represents these core components.

Theprimary purpose of security trainingis to reduce the likelihood and impact of attacks—especially human-centric threats such as phishing, social engineering, and credential theft. While training may also support compliance and efficiency, its most critical role is risk reduction.

Humans are often the weakest link in security. Awareness training helps users recognize threats, follow secure practices, and respond appropriately to suspicious activity, significantly lowering the organization’s attack surface.

Data Loss Prevention (DLP) solutions are specifically designed to detect, monitor, and prevent the unauthorized storage, use, or transmission of sensitive data such as Social Security numbers, credit card data, and personal records. DLP tools can scan endpoint hard drives, servers, databases, and cloud storage to identify sensitive data based on patterns, classifications, or content inspection.

IDS and IPS focus on detecting or blocking network attacks, not improper data storage. TLS encrypts data in transit but does not detect where sensitive data resides. DLP solutions directly address Natalia’s concern by identifying policy violations related to sensitive data storage.

DLP is a critical control recommended by NIST and CIS for protecting regulated data and preventing data leakage across all data states.