New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Exin PDPF Exam - Topic 9 Question 51 Discussion

Actual exam question for Exin's PDPF exam
Question #: 51
Topic #: 9
[All PDPF Questions]

A company CEO travels to a meeting in another city. He takes a notebook with information about the company's new projects and acquisitions, which will be the subject of discussion at this meeting. These are the only data stored on the notebook.

The notebook accidentally falls into the hotel's pool and all data is lost.

What happened, considering the General Data Protection Regulation (GDPR)?

Show Suggested Answer Hide Answer
Suggested Answer: A

To advise the controller on the mitigation of privacy risks to protect the controller from liability claims for non-compliance. Incorrect. The supervisory authority has the task to monitor compliance and to advise on enhancements, but its purpose is not to protect the controller.

To fulfill the obligation in the GDPR to implement appropriate technical and organizational measures for data protection. Incorrect. The audit is not the implementation of the measures, but an assessment of the effectiveness of them.

To monitor and enforce the application of the GDPR by assessing that processing is performed in compliance with the GDPR. Correct. According to the GDPR this is an important task of a supervisory authority. (Literature: A, Chapter 7; GDPR Article 57 (1)(a))


by Matthew at Dec 10, 2023, 03:51 PM

Limited Time Offer

25%

Off

Get Premium PDPF Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Elenor
3 months ago
Not sure if it counts as a breach since no one accessed the data.
upvoted 0 times
...
Mollie
3 months ago
Totally agree, it's a security risk for sure.
upvoted 0 times
...
Irving
4 months ago
Surprised this isn't classified as a vulnerability.
upvoted 0 times
...
Tonette
4 months ago
I think it's more of a data breach.
upvoted 0 times
...
Casey
4 months ago
Definitely a security incident!
upvoted 0 times
...
Alecia
4 months ago
I think it’s definitely a security risk, but I’m torn between that and calling it a data breach. It’s frustrating how these terms can overlap!
upvoted 0 times
...
Jaime
4 months ago
I feel like this could also be seen as a vulnerability, but I’m not confident. It’s tricky because the data was lost due to an accident, not a hack.
upvoted 0 times
...
Ryan
4 months ago
This seems similar to a practice question we had about data loss. I think it might be classified as a data breach since the information was lost and could potentially be accessed by others.
upvoted 0 times
...
Theresia
5 months ago
I remember discussing how a loss of data like this could be considered a security incident, but I'm not entirely sure if it qualifies as a breach.
upvoted 0 times
...
Delisa
5 months ago
I've got this one! The data was lost, so it's a security incident that needs to be reported. Simple as that.
upvoted 0 times
...
Glynda
5 months ago
Hmm, I'm a bit unsure here. The data was lost, but was it actually accessed by anyone? I'll need to think through the GDPR implications carefully.
upvoted 0 times
...
Hailey
5 months ago
This seems like a straightforward GDPR question. I'll focus on identifying the key facts and then select the best answer.
upvoted 0 times
...
Jody
5 months ago
Okay, let's see. The data was stored on a notebook that fell into a pool, resulting in data loss. I think this would qualify as a security incident under GDPR.
upvoted 0 times
...
Franchesca
5 months ago
I'm a little confused by this question. I'm not super familiar with the different Windows command-line utilities. I'll have to review my notes and try to reason through the options.
upvoted 0 times
...
Curtis
5 months ago
Wait, was it only about having a baseline? I feel like I remember something about that being important too, but there might be more to it.
upvoted 0 times
...
Annalee
10 months ago
Can we talk about the real issue here? The CEO's backstroke game needs some serious work if he's losing company data in the pool. Maybe he should consider a floatie next time.
upvoted 0 times
Malcom
8 months ago
B) A vulnerability
upvoted 0 times
...
Brent
8 months ago
C) A data breach
upvoted 0 times
...
Leslee
9 months ago
A) A security incident
upvoted 0 times
...
...
Malissa
10 months ago
Oh no, the CEO better hope his swim was worth it! This is clearly a data breach, so option C is the way to go.
upvoted 0 times
Johnetta
9 months ago
User 3: Yeah, option C is the right choice.
upvoted 0 times
...
Matt
9 months ago
User 2: Definitely, that sounds like a data breach to me.
upvoted 0 times
...
Yolando
10 months ago
User 1: Oh no, the CEO better hope his swim was worth it!
upvoted 0 times
...
...
Mickie
10 months ago
Hmm, I'm not sure. Could it also be considered a vulnerability in the company's data security practices? Maybe option B is a valid answer too.
upvoted 0 times
Stephaine
9 months ago
User 3: Maybe it's both a data breach and a security incident.
upvoted 0 times
...
Noble
10 months ago
User 2: I think it's more of a security incident.
upvoted 0 times
...
Delisa
10 months ago
User 1: It could be a data breach.
upvoted 0 times
...
...
Shaun
10 months ago
I agree, this is a security incident. The data on the notebook was not properly secured, which led to a data breach. Option C is the right choice here.
upvoted 0 times
Sherita
9 months ago
I agree, this is a security incident. The data on the notebook was not properly secured, which led to a data breach. Option C is the right choice here.
upvoted 0 times
...
Zona
9 months ago
C) A data breach
upvoted 0 times
...
Dong
10 months ago
A) A security incident
upvoted 0 times
...
...
Eden
10 months ago
But couldn't it also be considered a security incident since the CEO failed to protect the data properly?
upvoted 0 times
...
Gwenn
10 months ago
I agree with Willie, losing sensitive company information like that definitely falls under GDPR as a data breach.
upvoted 0 times
...
Willie
11 months ago
I think it's a data breach.
upvoted 0 times
...
Ernie
11 months ago
But couldn't it also be considered a security incident since the CEO failed to protect the data properly?
upvoted 0 times
...
Jerry
11 months ago
This is definitely a security incident under GDPR. The CEO's notebook containing sensitive company information was lost, and the data is now compromised. Option A is the correct answer.
upvoted 0 times
Eden
9 months ago
D) A security risk
upvoted 0 times
...
Brittni
9 months ago
Oh no, that's a serious problem. The company's data is now at risk.
upvoted 0 times
...
Carlene
9 months ago
C) A data breach
upvoted 0 times
...
Cammy
9 months ago
A) A security incident
upvoted 0 times
...
...
Lashaunda
11 months ago
I agree with Solange, losing sensitive company information like that definitely falls under GDPR as a data breach.
upvoted 0 times
...
Solange
11 months ago
I think it's a data breach.
upvoted 0 times
...

Save Cancel