KeyTrain's Key Training — Data Protection — free practice exam
20 original practice questions aligned to official exam domains. Run a timed, domain-weighted quiz in your browser — no login required.
Exam domains
| Domain | Weight |
|---|---|
| Sensitive data exposure | 20% |
| Encryption | 20% |
| Data loss prevention (DLP) | 20% |
| Removable media | 20% |
| Backups | 20% |
Sample practice questions
- A cloud admin can delete production and backup vaults with one role. Best fix?
- A conference hands out branded USB drives at your booth. Security recommendation?
- A contractor pastes customer PII into a public ChatGPT session. Which combined control helps MOST?
- Database backups are copied to tape unencrypted for 'speed.' What risk should leadership accept if continuing?
- Developers store TLS private keys in the application Git repo for 'deployment speed.' Fix?
- DLP alerts on a spreadsheet labeled 'Internal' leaving via personal webmail. Best FIRST step?
- DLP blocks a nurse emailing treatment notes to a personal account for 'convenience.' Which outcome is correct?
- Endpoint DLP generates many false positives on source code zips. What tuning is BEST?
- Engineers paste production database connection strings into a public Slack channel. Response?
- A found USB drive is plugged into a SOC analyst machine 'to see who lost it.' What is the SAFE procedure?
- Git history contains AWS keys for a retired project. What reduces future sensitive exposure?
- Immutable backups are enabled, but backup admin can delete vault locks. Best improvement?
- Laptops are stolen from a locked office; drives use BitLocker with TPM+PIN. Which data state is MOST protected?
- Marketing requests USB giveaways with preloaded brochures. Security concern to raise?
- A public S3 bucket listing contains customer medical record filenames. What is the IMMEDIATE priority?
- Ransomware encrypts production; backups exist but are on the same VLAN as servers. Likely failure mode?
- A researcher finds patient MRNs in a public analytics dashboard screenshot on LinkedIn. FIRST step?
- Restore test last ran three years ago. Which risk is MOST acute?
- A team proposes TLS 1.0 for legacy clients on an internet-facing API. What is the BEST security stance?
- USB storage is disabled, but staff use phone charging cables that mount as MTP devices. What should you add?