New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Isaca CISA Exam - Topic 3 Question 90 Discussion

Actual exam question for Isaca's CISA exam
Question #: 90
Topic #: 3
[All CISA Questions]

Which of the following methods would BEST help detect unauthorized disclosure of confidential documents sent over corporate email?

Show Suggested Answer Hide Answer
Suggested Answer: D

To detect unauthorized disclosure of confidential documents sent over corporate email, monitoring all emails based on pre-defined criteria is the best approach. This involves setting up automated monitoring systems that analyze email content, attachments, and metadata to identify any potential unauthorized disclosures. By defining specific criteria (such as keywords related to confidential information), organizations can proactively detect and prevent leaks. Requiring encryption before sending documents (option A) is important but does not address monitoring for unauthorized disclosures. Firewalls (option B) protect the network but do not specifically focus on email content.Reporting outgoing emails marked as confidential (option C) relies on user self-reporting and may not catch all incidents12.Reference:1(https://www.isaca.org/resources/isaca-journal/past-issues/2010/data-governance-for-privacy-confidentiality-and-compliance-a-holistic-approach)2(https://www.isaca.org/resources/news-and-trends/newsletters/atisaca/2020/volume-6/best-practices-for-privacy-audits)


by Sherman at Sep 14, 2024, 04:08 PM

Limited Time Offer

25%

Off

Get Premium CISA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Haley
3 months ago
Reporting outgoing confidential emails seems too reactive, not proactive.
upvoted 0 times
...
Audria
3 months ago
Wait, can we really monitor all emails effectively?
upvoted 0 times
...
Yvonne
3 months ago
A is good too, but it relies on users actually encrypting.
upvoted 0 times
...
Daron
4 months ago
Totally agree, D covers more ground!
upvoted 0 times
...
Carmelina
4 months ago
I think D is the best option for monitoring.
upvoted 0 times
...
Nieves
4 months ago
I recall a practice question where monitoring was emphasized. It seems like option D aligns with that, but I’m still a bit confused about how effective it would be in real scenarios.
upvoted 0 times
...
Laine
4 months ago
I think option C could be effective since reporting confidential emails might catch unauthorized disclosures, but I wonder if it’s enough on its own.
upvoted 0 times
...
Olga
4 months ago
I'm not entirely sure, but I feel like requiring encryption could help too. It seems like a good preventive measure, but does it really detect unauthorized disclosure?
upvoted 0 times
...
Dorthy
5 months ago
I remember we discussed the importance of monitoring emails in class, so I think option D might be the best choice.
upvoted 0 times
...
Lauran
5 months ago
I'm leaning towards reporting all outgoing confidential emails. That seems like a straightforward way to keep an eye on sensitive information leaving the company.
upvoted 0 times
...
Arlette
5 months ago
Monitoring all emails based on pre-defined criteria sounds like the best approach to me. That way you can catch any suspicious activity, even if the documents aren't marked as confidential.
upvoted 0 times
...
Carmelina
5 months ago
Hmm, I'm not sure about this one. Encrypting documents seems like a good idea, but would that really help detect disclosure? I'll have to weigh the pros and cons of each choice.
upvoted 0 times
...
Chi
5 months ago
This seems like a tricky one. I'll need to think carefully about the different options and how they would actually help detect unauthorized disclosure.
upvoted 0 times
...
Dexter
5 months ago
Based on my understanding, a bastion host is used to provide a secure entry point to a network, so it should be placed beyond the outer perimeter firewall, option C.
upvoted 0 times
...
Weldon
1 year ago
Dude, can you imagine the IT guy's face if he had to read every single email? Option D is the only practical solution here.
upvoted 0 times
Nelida
1 year ago
Requiring all users to encrypt documents before sending could also help prevent unauthorized disclosure.
upvoted 0 times
...
Gertude
1 year ago
Yeah, it would be impossible for the IT guy to manually read every email. Option D is definitely the way to go.
upvoted 0 times
...
Kimi
1 year ago
I agree, monitoring all emails based on pre-defined criteria is the most effective method.
upvoted 0 times
...
Portia
1 year ago
Installing firewalls is important for overall security, but it may not specifically target unauthorized disclosure of confidential documents.
upvoted 0 times
...
Derrick
1 year ago
Requiring encryption is good too, but monitoring emails is more proactive in detecting unauthorized disclosure.
upvoted 0 times
...
Rex
1 year ago
I agree, it may seem like a lot of work but it's necessary to protect confidential information.
upvoted 0 times
...
Reena
1 year ago
Option D is definitely the way to go. Monitoring all emails is the most effective method.
upvoted 0 times
...
...
Erin
1 year ago
Firewalls? Really? That's so 90s. Monitoring emails is the way forward. D all the way!
upvoted 0 times
...
Berry
1 year ago
Option C sounds good, but what if someone accidentally marks an email as confidential? That could get messy. I'd go with D to be safe.
upvoted 0 times
Nu
1 year ago
True, encryption can definitely add an extra layer of security to protect sensitive information.
upvoted 0 times
...
Aide
1 year ago
But wouldn't option A also be helpful in preventing unauthorized access to confidential documents?
upvoted 0 times
...
Dino
1 year ago
I agree, option D seems like the most reliable method to detect unauthorized disclosure.
upvoted 0 times
...
...
Reuben
1 year ago
But wouldn't requiring all users to encrypt documents before sending also be effective in preventing unauthorized disclosure?
upvoted 0 times
...
Freeman
1 year ago
Haha, if I were a hacker, I'd just encrypt the documents before sending them. Option A is a total joke!
upvoted 0 times
Kiley
1 year ago
Margery: Reporting all outgoing emails that are marked as confidential could also be a good way to detect unauthorized disclosure.
upvoted 0 times
...
Clorinda
1 year ago
Installing firewalls on the corporate network can also help prevent unauthorized access to confidential documents.
upvoted 0 times
...
Margery
1 year ago
I think monitoring all emails based on pre-defined criteria would be more effective in detecting unauthorized disclosure.
upvoted 0 times
...
Jerry
1 year ago
Option A is not foolproof, hackers can still find a way to decrypt encrypted documents.
upvoted 0 times
...
...
Reuben
1 year ago
I agree with Kanisha, monitoring emails can help detect unauthorized disclosure.
upvoted 0 times
...
Sherron
1 year ago
I think option D is the best way to go. Monitoring all emails based on pre-defined criteria seems like the most comprehensive approach to detect unauthorized disclosure.
upvoted 0 times
Zena
1 year ago
I think requiring all users to encrypt documents before sending is also important to prevent unauthorized access.
upvoted 0 times
...
Cora
1 year ago
I agree, monitoring emails based on pre-defined criteria would definitely help catch any unauthorized disclosure.
upvoted 0 times
...
...
Kanisha
1 year ago
I think monitoring all emails based on pre-defined criteria would be the best method.
upvoted 0 times
...

Save Cancel