PECB Exam GDPR Topic 1 Question 4 Discussion

Actual exam question for PECB's GDPR exam
Question #: 4
Topic #: 1

An organization suffered a personal data breach. The attackers gained access to their database through a user account that had unlimited access to data. What should the DPO advise the organization to do in order to prevent the recurrence of similar scenarios?

Suggested Answer: A

GDPR Article 32(1)(b) emphasizes implementing access controls to ensure data security. Reviewing and restricting account permissions using the principle of least privilege (PoLP) helps prevent unauthorized access. Shared accounts (option C) increase security risks, and using cloud computing (option B) does not directly address access control vulnerabilities.


Contribute your Thoughts:

Brinda
4 days ago
C? Seriously? Shared accounts are a security nightmare waiting to happen. A is the way to go.
upvoted 0 times
...
Lynelle
7 days ago
Creating and using shared accounts for several users might not be a good idea as it can lead to security vulnerabilities.
upvoted 0 times
...
Lenita
9 days ago
I believe using cloud computing services could also help mitigate the risk of personal data breaches.
upvoted 0 times
...
Barbra
11 days ago
I can already hear the DPO sighing heavily at the mere suggestion of C. 'Do you want to get hacked again? No? Then we're doing A.'
upvoted 0 times
Maryln
12 hours ago
A) Review if the access control system allows the creation, approval, review, and deletion of user accounts
upvoted 0 times
...
...
Annamaria
12 days ago
I agree with Ivette. It's important to ensure user accounts are created, approved, reviewed, and deleted properly.
upvoted 0 times
...
Ivette
16 days ago
I think the DPO should advise the organization to review the access control system.
upvoted 0 times
...
Ruth
20 days ago
A seems like the obvious choice here. Reviewing the access control system is key to preventing similar breaches.
upvoted 0 times
...
