Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Isaca Exam CDPSE Topic 3 Question 38 Discussion

Actual exam question for Isaca's CDPSE exam
Question #: 38
Topic #: 3
[All CDPSE Questions]

Which of the following principles is MOST important to apply when granting access to an enterprise resource planning (ERP) system that contains a significant amount of personal data?

Show Suggested Answer Hide Answer
Suggested Answer: B

The principle of least privilege is the most important principle to apply when granting access to an ERP system that contains a significant amount of personal dat

a. The principle of least privilege states that users should only have the minimum level of access and permissions necessary to perform their legitimate tasks and functions, and no more. Applying the principle of least privilege helps to protect the privacy and security of the personal data in the ERP system, as it reduces the risk of unauthorized or inappropriate access, disclosure, modification, or deletion of the data. It also helps to comply with the privacy laws and regulations, such as the GDPR, that require data controllers and processors to implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk.


by Jess at Apr 11, 2024, 10:12 PM

Limited Time Offer

25%

Off

Get Premium CDPSE Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Luz
10 months ago
Data minimization is important too, to reduce the risk of exposure.
upvoted 0 times
...
Tony
10 months ago
I believe segregation of duties is also crucial to prevent unauthorized access.
upvoted 0 times
...
Kara
10 months ago
I agree with Lucy, least privilege ensures that only necessary access is granted.
upvoted 0 times
...
Lucy
10 months ago
I think the most important principle is least privilege.
upvoted 0 times
...
Leonor
11 months ago
Segregation of duties is also crucial to prevent misuse of personal data.
upvoted 0 times
...
Isabella
11 months ago
But what about data minimization? Isn't that important too?
upvoted 0 times
...
Kiley
11 months ago
I agree with User1, least privilege limits access to only what's necessary.
upvoted 0 times
...
Stephanie
12 months ago
I think the most important principle is least privilege.
upvoted 0 times
Rene
11 months ago
Segregation of duties also plays a key role in maintaining data integrity.
upvoted 0 times
...
Rebecka
12 months ago
I agree, least privilege is crucial in protecting personal data.
upvoted 0 times
...
...
Horace
1 years ago
You know what they say, 'with great power comes great responsibility.' That's why I'm leaning towards Least Privilege. Let's give people just enough access to get their jobs done, and no more.
upvoted 0 times
...
Sherell
1 years ago
Ooh, good point. Segregation of Duties is definitely up there. Can't have one person controlling everything, that's just asking for trouble. Although, I still think Least Privilege is the way to go.
upvoted 0 times
...
Armanda
1 years ago
Hmm, I don't know. Segregation of Duties seems pretty important too. We gotta make sure no one person has too much power over the system, you know? Checks and balances and all that.
upvoted 0 times
...
Inocencia
1 years ago
Data Minimization, huh? I like the way you think. Less data to worry about means less risk of a breach. Plus, it's just good privacy practice. I'm going with that one.
upvoted 0 times
Carla
1 years ago
In the end, it's important to consider all these principles when granting access to sensitive data.
upvoted 0 times
...
Stephaine
1 years ago
You're right, separating duties can help maintain accountability and prevent misuse of data.
upvoted 0 times
...
Brett
1 years ago
But segregation of duties is also important to prevent conflicts of interest and fraud.
upvoted 0 times
...
Bette
1 years ago
True, giving users only the access they need reduces the risk of unauthorized actions.
upvoted 0 times
...
Louann
1 years ago
I think least privilege is also crucial in granting access to an ERP system.
upvoted 0 times
...
Myra
1 years ago
I agree, less data means less risk of a breach. It's a good practice for privacy.
upvoted 0 times
...
Thomasena
1 years ago
Data minimization is definitely important when it comes to personal data in an ERP system.
upvoted 0 times
...
...
Alpha
1 years ago
I agree, Least Privilege is key. But I also think Data Minimization is crucial. We should only be collecting and storing the personal data that's absolutely necessary. Anything else is just asking for trouble down the line.
upvoted 0 times
...
Portia
1 years ago
Hmm, this is a tough one. I'd say Least Privilege is the most important principle here. We need to make sure users only have access to the bare minimum they need to do their jobs. Anything more could be a security nightmare waiting to happen.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77