Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Exin PDPF Exam - Topic 9 Question 51 Discussion

Actual exam question for Exin's PDPF exam
Question #: 51
Topic #: 9
[All PDPF Questions]

A company CEO travels to a meeting in another city. He takes a notebook with information about the company's new projects and acquisitions, which will be the subject of discussion at this meeting. These are the only data stored on the notebook.

The notebook accidentally falls into the hotel's pool and all data is lost.

What happened, considering the General Data Protection Regulation (GDPR)?

Show Suggested Answer Hide Answer
Suggested Answer: A

To advise the controller on the mitigation of privacy risks to protect the controller from liability claims for non-compliance. Incorrect. The supervisory authority has the task to monitor compliance and to advise on enhancements, but its purpose is not to protect the controller.

To fulfill the obligation in the GDPR to implement appropriate technical and organizational measures for data protection. Incorrect. The audit is not the implementation of the measures, but an assessment of the effectiveness of them.

To monitor and enforce the application of the GDPR by assessing that processing is performed in compliance with the GDPR. Correct. According to the GDPR this is an important task of a supervisory authority. (Literature: A, Chapter 7; GDPR Article 57 (1)(a))


by Matthew at Dec 10, 2023, 03:51 PM

Limited Time Offer

25%

Off

Get Premium PDPF Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Elenor
5 months ago
Not sure if it counts as a breach since no one accessed the data.
upvoted 0 times
...
Mollie
5 months ago
Totally agree, it's a security risk for sure.
upvoted 0 times
...
Irving
5 months ago
Surprised this isn't classified as a vulnerability.
upvoted 0 times
...
Tonette
5 months ago
I think it's more of a data breach.
upvoted 0 times
...
Casey
6 months ago
Definitely a security incident!
upvoted 0 times
...
Alecia
6 months ago
I think it’s definitely a security risk, but I’m torn between that and calling it a data breach. It’s frustrating how these terms can overlap!
upvoted 0 times
...
Jaime
6 months ago
I feel like this could also be seen as a vulnerability, but I’m not confident. It’s tricky because the data was lost due to an accident, not a hack.
upvoted 0 times
...
Ryan
6 months ago
This seems similar to a practice question we had about data loss. I think it might be classified as a data breach since the information was lost and could potentially be accessed by others.
upvoted 0 times
...
Theresia
6 months ago
I remember discussing how a loss of data like this could be considered a security incident, but I'm not entirely sure if it qualifies as a breach.
upvoted 0 times
...
Delisa
6 months ago
I've got this one! The data was lost, so it's a security incident that needs to be reported. Simple as that.
upvoted 0 times
...
Glynda
6 months ago
Hmm, I'm a bit unsure here. The data was lost, but was it actually accessed by anyone? I'll need to think through the GDPR implications carefully.
upvoted 0 times
...
Hailey
6 months ago
This seems like a straightforward GDPR question. I'll focus on identifying the key facts and then select the best answer.
upvoted 0 times
...
Jody
7 months ago
Okay, let's see. The data was stored on a notebook that fell into a pool, resulting in data loss. I think this would qualify as a security incident under GDPR.
upvoted 0 times
...
Franchesca
7 months ago
I'm a little confused by this question. I'm not super familiar with the different Windows command-line utilities. I'll have to review my notes and try to reason through the options.
upvoted 0 times
...
Curtis
7 months ago
Wait, was it only about having a baseline? I feel like I remember something about that being important too, but there might be more to it.
upvoted 0 times
...
Annalee
11 months ago
Can we talk about the real issue here? The CEO's backstroke game needs some serious work if he's losing company data in the pool. Maybe he should consider a floatie next time.
upvoted 0 times
Malcom
10 months ago
B) A vulnerability
upvoted 0 times
...
Brent
10 months ago
C) A data breach
upvoted 0 times
...
Leslee
11 months ago
A) A security incident
upvoted 0 times
...
...
Malissa
11 months ago
Oh no, the CEO better hope his swim was worth it! This is clearly a data breach, so option C is the way to go.
upvoted 0 times
Johnetta
11 months ago
User 3: Yeah, option C is the right choice.
upvoted 0 times
...
Matt
11 months ago
User 2: Definitely, that sounds like a data breach to me.
upvoted 0 times
...
Yolando
11 months ago
User 1: Oh no, the CEO better hope his swim was worth it!
upvoted 0 times
...
...
Mickie
12 months ago
Hmm, I'm not sure. Could it also be considered a vulnerability in the company's data security practices? Maybe option B is a valid answer too.
upvoted 0 times
Stephaine
11 months ago
User 3: Maybe it's both a data breach and a security incident.
upvoted 0 times
...
Noble
11 months ago
User 2: I think it's more of a security incident.
upvoted 0 times
...
Delisa
11 months ago
User 1: It could be a data breach.
upvoted 0 times
...
...
Shaun
12 months ago
I agree, this is a security incident. The data on the notebook was not properly secured, which led to a data breach. Option C is the right choice here.
upvoted 0 times
Sherita
10 months ago
I agree, this is a security incident. The data on the notebook was not properly secured, which led to a data breach. Option C is the right choice here.
upvoted 0 times
...
Zona
10 months ago
C) A data breach
upvoted 0 times
...
Dong
12 months ago
A) A security incident
upvoted 0 times
...
...
Eden
1 year ago
But couldn't it also be considered a security incident since the CEO failed to protect the data properly?
upvoted 0 times
...
Gwenn
1 year ago
I agree with Willie, losing sensitive company information like that definitely falls under GDPR as a data breach.
upvoted 0 times
...
Willie
1 year ago
I think it's a data breach.
upvoted 0 times
...
Ernie
1 year ago
But couldn't it also be considered a security incident since the CEO failed to protect the data properly?
upvoted 0 times
...
Jerry
1 year ago
This is definitely a security incident under GDPR. The CEO's notebook containing sensitive company information was lost, and the data is now compromised. Option A is the correct answer.
upvoted 0 times
Eden
11 months ago
D) A security risk
upvoted 0 times
...
Brittni
11 months ago
Oh no, that's a serious problem. The company's data is now at risk.
upvoted 0 times
...
Carlene
11 months ago
C) A data breach
upvoted 0 times
...
Cammy
11 months ago
A) A security incident
upvoted 0 times
...
...
Lashaunda
1 year ago
I agree with Solange, losing sensitive company information like that definitely falls under GDPR as a data breach.
upvoted 0 times
...
Solange
1 year ago
I think it's a data breach.
upvoted 0 times
...

Save Cancel