IAPP Exam CIPM Topic 9 Question 45 Discussion

Actual exam question for IAPP's CIPM exam

Question #: 45
Topic #: 9

A systems audit uncovered a shared drive folder containing sensitive employee data with no access controls and therefore was available for all employees to view. What is the first step to mitigate further risks?

ANotify all employees whose information was contained in the file.

BCheck access logs to see who accessed the folder.

CNotify legal counsel of a privacy incident.

DRestrict access to the folder.

Show Suggested Answer

Suggested Answer: D

The first step to mitigate further risks when a systems audit uncovers a shared drive folder containing sensitive employee data with no access controls is to restrict access to the folder. This can be done by implementing appropriate access controls, such as user authentication, role-based access, and permissions, to ensure that only authorized individuals can view and access the sensitive data.

https://www.sans.org/cyber-security-summit/archives/file/summit-archive-1492158151.pdf

https://www.itgovernance.co.uk/blog/5-reasons-why-employees-dont-report-data-breaches/

https://www.ncsc.gov.uk/guidance/report-cyber-incident

by Markus at Mar 31, 2023, 02:31 PM

Limited Time Offer

25%

Off

Get Premium CIPM Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!