UnixTime

Research Note

EXAM-032 - DLP and Backup

- DLP is not just a tool. - DLP requires knowing sensitive data and approved flows. - False positives affect DLP effectiveness. - Backup job success is not restore success. - Ba...

On this page

Memory cues

Control Cue
A.8.12 Data Leakage Prevention Prevent sensitive data leaving through unapproved flows
A.8.13 Information Backup Maintain and test backups of information, software, and systems

Likely exam traps

  • DLP is not just a tool.
  • DLP requires knowing sensitive data and approved flows.
  • False positives affect DLP effectiveness.
  • Backup job success is not restore success.
  • Backups need protection equivalent to the original information.
  • Cloud backups and snapshots still need scope, retention, protection, and restore testing.

Quick comparison

Question A.8.12 A.8.13
Main concern Unauthorized data leakage Recoverability of information/software/systems
Evidence DLP scope, data flow register, rules, alerts, transfer approvals Backup schedule, coverage, job logs, restore tests, backup protection
Common failure Tool deployed with generic/noisy rules Backups run but restores are never tested
Audit method Follow sensitive data flows and DLP alerts Follow backup set from scope to restore test

Practical mentor takeaway

Exam lens

A.8.12 controls where sensitive data may leave. A.8.13 proves the organization can recover data and systems when something goes wrong.

  • Iso27001
  • Exam
  • Technological controls
  • Dlp
  • Backup

Note Metadata

Aliases: A.8.12 A.8.13 exam cues

Source: 09-Exam-Preparation/EXAM-032-DLP-and-Backup.md