RelOne DATA BREACH RESPONSE Certification Flashcards by Analicia Montanez

What is Data Breach Response?
a. An AI-powered solution used to reduce the time, cost,
and risk to produce an entity notification list.
b. An AI solution used to reduce the time, cost, and risk to
produce a set of redacted documents.
c. An AI solution used to remove the need for human review
in order to generate an entity notification list.

a. An AI-powered solution used to reduce the time, cost,
and risk to produce an entity notification list.

How well did you know this?

Not at all

Perfectly

What unit is billed for Data Breach Response?
a. Number of documents ingested.
b. Gigabytes of data in Data Breach Response per month.
c. Number of entities found.

b. Gigabytes of data in Data Breach Response per month.

How well did you know this?

Not at all

Perfectly

How can you provide RelativityOne users access to Data
Breach Response?
a. Add them to a group that has the correct permissions set.
b. It is automatically available for all users after installing the
application.
c. Contact Relativity to have their accounts created.

a. Add them to a group that has the correct permissions set.

How well did you know this?

Not at all

Perfectly

What must you provide to analyze documents in Data Breach
Response?
a. A list of terms and PI types that the AI will use for
personal information identification.
b. A saved search with documents to ingest.
c. An entity notification list

b. A saved search with documents to ingest.

How well did you know this?

Not at all

Perfectly

How does Data Breach Response link personal information
(PI) for structured and unstructured documents?
a. PI is automatically linked for structured documents and automatically linked for unstructured documents.
b. PI is automatically linked for structured documents and manually linked for unstructured documents.
c. PI is manually linked for structured documents and automatically linked for unstructured documents.

b. PI is automatically linked for structured documents and manually linked for unstructured documents.

How well did you know this?

Not at all

Perfectly

What is an advantage of Data Breach Response compared to
other solutions?
a. It automates the entire data breach response process.
b. Its a purpose-built data breach application in RelativityOne.
c. It builds notification lists in a few hours.

b. Its a purpose-built data breach application in RelativityOne.

How well did you know this?

Not at all

Perfectly

What tools does Data Breach Response leverage for
personal information identification?
a. Pre-built AI and ML models to find pre-determined PI types.
b. User-created AI and ML models to find pre-determined PI
types.
c. User-created AI and ML models to find unknown PI types.

a. Pre-built AI and ML models to find pre-determined PI types.

How well did you know this?

Not at all

Perfectly

How does Data Breach Response expedite manual
deduplication efforts while still providing transparency into
the process, leading to faster and cleaner generation of
entity reports?
a. Through automatic deduplication of personal information.
b. Through automatic linking of personal information across
all document formats.
c. Through automatic deduplication of entities and entity review workflows.

c. Through automatic deduplication of entities and entity review workflows.

How well did you know this?

Not at all

Perfectly

What is a benefit to using Data Breach Response?
a. Data never leaves the RelativityOne security boundary.
b. You can determine the relationship between impacted individuals and fraudulent activity.
c. It provides endpoint threat detection capabilities to prevent malicious activity and threat actors.

a. Data never leaves the RelativityOne security boundary.

How well did you know this?

Not at all

Perfectly

How much can review time be reduced, on average, when
leveraging AI in Data Breach Response?
a. 25%
b. 50%
c. 75%

b. 50%

How well did you know this?

Not at all

Perfectly

How long does it take, on average, to produce an initial assessment of personal information found within a data set?
a. 2-3 days
b. 4-5 days
c. 7 days

a. 2-3 days

How well did you know this?

Not at all

Perfectly

What are the two reports that can be used to QC entity results?
a. Deduplicate and Normalize Entities table and Merge reason table.
b. Unlinked PI Log and Document Report.
c. Merge reason table and Unlinked PI Log.

a. Deduplicate and Normalize Entities table and Merge reason table.

How well did you know this?

Not at all

Perfectly

What information about entities is searchable with PI and Entity Search?
a. Jurisdiction the entity resides in.
b. Entity count on the document.
c. Other names an entity is known by in the dataset.

b. Entity count on the document.

How well did you know this?

Not at all

Perfectly

What should you do after resolving conflicts generated by the automatic entity normalization process?
a. Run an Entity Centric Report job from the Reports tab and export the report as an excel document; no Incorporate Feedback processing is necessary.
b. Rerun the deduplicate individuals and report generation Incorporate Feedback stages to record your changes and generate an updated version of the Entity Centric Report.
c. Rerun the report generation Incorporate Feedback stage to record your changes and generate an updated version of the Entity Centric Report.

b. Rerun the deduplicate individuals and report generation Incorporate Feedback stages to record your changes and generate an updated version of the Entity Centric Report.

How well did you know this?

Not at all

Perfectly

What is the purpose of configuring your deduplication preferences?
a. To ensure your coding layout is configured with the fields you want your review team to utilize.
b. To ensure every entity name requiring redaction is unique.
c. To tell the algorithm how to deduplicate the entities found within the data set.

c. To tell the algorithm how to deduplicate the entities found within the data set.

How well did you know this?

Not at all

Perfectly

What is the purpose of resolving conflicts within Entity Clusters?
a. To perform quality control efforts on the machine-generated list of entities with possible similarities.
b. To manually normalize and deduplicate all entities identified by a human review team earlier in the project.
c. To manually resolve all tertiary conflicts while relying on automatic normalization processes to resolve primary and secondary conflicts.

a. To perform quality control efforts on the machine-generated list of entities with possible similarities.

How well did you know this?

Not at all

Perfectly

What syntax can you use for a PI and Entities Search to find
documents with a breached entity?
a. CONTAINS DATA BREACH ENTITY
b. CONTAINS BREACH
c. CONTAINS PI

a. CONTAINS DATA BREACH ENTITY

What report can you use to resolve a conflict within a cluster if there are two people with the same name but differing
social security numbers?
a. Merge reason table.
b. Deduplicate and Normalize Entities table.
c. Entity Centric Report.

b. Deduplicate and Normalize Entities table.

In which situation would the Unlinked PI Log be most useful?
a. To identify all personal information that has not yet been linked to an entity in the dataset.
b. To configure the deduplication settings that will be used to normalize entities in the dataset.
c. To see a high-level snapshot of all personal information found in the dataset.

a. To identify all personal information that has not yet been linked to an entity in the dataset.

What type of Review Center queue should be used for Data Breach Response?
a. Data breach review queue.
b. Coverage review queue.
c. Saved search review queue.

c. Saved search review queue.

What is the purpose of the final Entity Centric Report in a data breach?
a. It demonstrates how many documents in the dataset contain personal information and which documents are likely to contain entities who need notified.
b. It gives users a list of entities found in the dataset, which can be used as search terms to build a review queue.
c. It provides a notification list of all entities found in the dataset and which of their personal information was breached.

c. It provides a notification list of all entities found in the dataset and which of their personal information was breached.

What is the best method for identifying medical information using Data Breach Response?
a. Create a custom detector for date of birth.
b. Turn on the Medical Information document classifier.
c. Create a saved search for ‘patient’ OR ‘medical’.

b. Turn on the Medical Information document classifier.

When linking personal information to an individual, where will the linked information appear?
a. The Linked Entities panel.
b. The PI Detection panel.
c. The coding layout

a. The Linked Entities panel.

What does the initial Document Report tell you about a data breach?
a. It predicts which documents in the dataset may be privileged and should be reviewed outside of the Data Breach Response platform.
b. It provides an understanding of which reviewers work will need a second review to ensure the final Entity Centric Report’s accuracy.
c. It provides an initial impact assessment of the scope of the breach including what personal information was found.

c. It provides an initial impact assessment of the scope of the breach including what personal information was found.

25. What is a document category? a. A combination of AI models, regular expressions, and keywords that detect a string of text and classify it as a form of personal information. b. A combination of keywords that detect a string of text and tag the document as containing the text. c. A system or user-generated label indicating a document may require special treatment.

b. A combination of keywords that detect a string of text and tag the document as containing the text.

26. A reviewer has verified table boundaries and column level PI detections in a spreadsheet. How are names and PI within each table linked? a. Names and PI appearing in the same table row will automatically be linked. b. The reviewer will link name and PI table columns using the Linked Individuals tab in the coding layout. c. The reviewer will link name and PI table columns by selecting each column and clicking the linkage icon that appears in the document viewer.

a. Names and PI appearing in the same table row will automatically be linked.

27. For unstructured documents, what must be done to ensure that detected individuals appear on the Entity Centric Report? a. Reviewers need to manually draw a line between the name and PI to link them. b. Names and PI on the document will automatically be linked and appear on the Entity Centric Report. c. Reviewers need to manually link names and their associated PI directly on the document.

c. Reviewers need to manually link names and their associated PI directly on the document.

28. For spreadsheets, how do you annotate personal information located in a cell outside of a table? a. Use the layout to record the personal information in a text box. b. Create a new table to capture the single cell. c. Use the PI Detection panel to create a manual annotation.

c. Use the PI Detection panel to create a manual annotation.

29. How can a user annotate personal information (PI) that was not automatically identified on an unstructured document? a. Highlight the PI and use the Context Menu to assign it a PI type. b. Highlight the PI and manually enter the value in the Add PI Detection modal. c. Manually capture it in the layout using a long text field.

a. Highlight the PI and use the Context Menu to assign it a PI type.

30. When reviewing a document, what option needs to be selected to prevent changes to personal information when Incorporate Feedback is run? a. Lock Annotations. b. Save and Next. c. Confirm Codings.

a. Lock Annotations.

32. What method is most effective to verify the accuracy of personal information (PI) predictions in spreadsheets? a. Navigate to the Spreadsheet QC tool and confirm the header values in the dataset are accurately classified as a PI type or no PI. b. Navigate to the blocklist tool and locate any header values that should be considered no PI in the dataset. Designate any remaining header values as containing PI within the blocklist tool. c. Review a sample set of 50 spreadsheets and keep a record of any header values that you will instruct reviewers to update during their review

a. Navigate to the Spreadsheet QC tool and confirm the header values in the dataset are accurately classified as a PI type or no PI.

31. Why should you use the blocklisting tool? a. When some instances of a string of text are personal information and sometimes they are not. b. To find missed personal information. c. To remove false positives from your detector results.

c. To remove false positives from your detector results.

33. What is the best way to test the accuracy of a custom regular expression? a. Run Incorporate Feedback on the entire dataset to see if the expression works as intended. b. Use the built-in testing option, Test String, to see if a string of text is captured by a regular expression. c. Use a third party regular expression validator.

b. Use the built-in testing option, Test String, to see if a string of text is captured by a regular expression.

34. What is the difference between a global and local keyword when building detectors? a. Global keywords look for a phrase and translate it across Relativity’s database of 100+ non-English languages. Local keywords only look for a phrase in the English language. b. Global keywords look for a regular expression on a document. Local keywords look for a phrase located next to a regular expression. c. Global keywords look for a phrase in the entire document, regardless of its proximity to a regular expression. Local keywords look for a phrase within a designated character distance of a regular expression.

c. Global keywords look for a phrase in the entire document, regardless of its proximity to a regular expression. Local keywords look for a phrase within a designated character distance of a regular expression.

35. What is an intended use case for Data Breach Response? a. A cyber incident has occurred and impacted individuals need to be notified. b. A set of documents must have all PI redacted for upcoming litigation. c. A set of documents are deemed to contain privileged information and need to be logged for litigation purposes

a. A cyber incident has occurred and impacted individuals need to be notified.

37. You have a new project where the client wants to know the percentage of documents that contain social security numbers (SSN) or date of births (DOB). The data is already processed in RelativityOne. What are the next steps after documents are ingested into Data Breach Response to accomplish this request? a. Create document classifiers for SSN and DOBs, run the Incorporate Feedback pipeline, download the Document Report, and filter down to DocIDs containing SSN or DOB to calculate percentage. b. Toggle off all Out of the Box detectors except SSN and DOB, run the Incorporate Feedback pipeline, download the Document Report, and filter down to DocIDs containing personal information to calculate percentage. c. Build regular expressions for SSN and DOB, run the Incorporate Feedback pipeline, download the Document Report, and filter down to DocIDs containing SSN or DOB to calculate percentage.

b. Toggle off all Out of the Box detectors except SSN and DOB, run the Incorporate Feedback pipeline, download the Document Report, and filter down to DocIDs containing personal information to calculate percentage.

36. What is a recommended workflow strategy using Data Breach Response? a. Separate documents containing date of birth and phone numbers together. b. Re-run the Incorporate Feedback pipeline for every 100 documents reviewed. c. Create separate work streams for documents containing PI and documents without PI.

c. Create separate work streams for documents containing PI and documents without PI.

38. Why is it important to manually annotate unstructured documents where text cannot be highlighted in the native viewer? a. To capture any missing personal information either using extracted text or manual entry and link it to the person it belongs to. b. To remove these documents from the project. c. To flag the document as needing further review and add any entities from these documents manually in the spreadsheet.

a. To capture any missing personal information either using extracted text or manual entry and link it to the person it belongs to.

39. What saved search criteria would yield the best results for all documents containing both a full name and a phone number prediction? a. Contains two or more PI types, one of which must be ‘full name'. b. Contains PI type ‘full name’ and PI type ‘phone number’. c. Contains PI type ‘full name’ or PI type ‘phone number’.

b. Contains PI type ‘full name’ and PI type ‘phone number’.

40. Which statement is true about first-level and quality control level review? a. First-level reviewers confirm machine predictions and create linkages, and their work is checked by quality control-level reviewers. b. Documents can only be reviewed once, either by a firstlevel reviewer or a quality control-level reviewer. c. Both first-level review and quality control-level review are mandatory and cannot be skipped.

a. First-level reviewers confirm machine predictions and create linkages, and their work is checked by quality control-level reviewers.