
PECB Exam GDPR Topic 1 Question 4 Discussion

Actual exam question for PECB's GDPR exam
Question #: 4
Topic #: 1

An organization suffered a personal data breach. The attackers gained access to their database through a user account that had unlimited access to data. What should the DPO advise the organization to do in order to prevent the recurrence of similar scenarios?

Suggested Answer: A

GDPR Article 32(1)(b) emphasizes implementing access controls to ensure data security. Reviewing and restricting account permissions using the principle of least privilege (PoLP) helps prevent unauthorized access. Shared accounts (option C) increase security risks, and using cloud computing (option B) does not directly address access control vulnerabilities.


Contribute your Thoughts:

Alexia
11 days ago
A is the correct answer, no doubt. But I bet the IT team is still going to try and convince the DPO to go with C. 'It's more cost-effective!'
upvoted 0 times
...
Brinda
20 days ago
C? Seriously? Shared accounts are a security nightmare waiting to happen. A is the way to go.
upvoted 0 times
Nydia
3 days ago
A) Review if the access control system allows the creation, approval, review, and deletion of user accounts
upvoted 0 times
...
...
Lynelle
23 days ago
Creating and using shared accounts for several users might not be a good idea as it can lead to security vulnerabilities.
upvoted 0 times
...
Lenita
24 days ago
I believe using cloud computing services could also help mitigate the risk of personal data breaches.
upvoted 0 times
...
Barbra
27 days ago
I can already hear the DPO sighing heavily at the mere suggestion of C. 'Do you want to get hacked again? No? Then we're doing A.'
upvoted 0 times
Raylene
2 days ago
I can already hear the DPO sighing heavily at the mere suggestion of C. 'Do you want to get hacked again? No? Then we're doing A.'
upvoted 0 times
...
Penney
8 days ago
C) Create and use shared accounts for several users in order to minimize the number of user accounts
upvoted 0 times
...
Ashlyn
12 days ago
B) Use cloud computing services to mitigate the risk of personal data breaches
upvoted 0 times
...
Maryln
16 days ago
A) Review if the access control system allows the creation, approval, review, and deletion of user accounts
upvoted 0 times
...
...
Annamaria
28 days ago
I agree with Ivette. It's important to ensure user accounts are created, approved, reviewed, and deleted properly.
upvoted 0 times
...
Ivette
1 month ago
I think the DPO should advise the organization to review the access control system.
upvoted 0 times
...
Ruth
1 month ago
A seems like the obvious choice here. Reviewing the access control system is key to preventing similar breaches.
upvoted 0 times
Candida
6 days ago
C) Create and use shared accounts for several users in order to minimize the number of user accounts
upvoted 0 times
...
Micaela
7 days ago
B) Use cloud computing services to mitigate the risk of personal data breaches
upvoted 0 times
...
Wynell
12 days ago
A) Review if the access control system allows the creation, approval, review, and deletion of user accounts
upvoted 0 times
...
...
