Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

IAPP CIPM Exam - Topic 8 Question 42 Discussion

Actual exam question for IAPP's CIPM exam
Question #: 42
Topic #: 8
[All CIPM Questions]

While trying to e-mail her manager, an employee has e-mailed a list of all the company's customers, including their bank details, to an employee with the same name at a different company. Which of the following would be the first stage in the incident response plan under the General Data Protection Regulation (GDPR)?

Show Suggested Answer Hide Answer
Suggested Answer: B

The first stage in the incident response plan under the General Data Protection Regulation (GDPR) for this scenario would be to contain the impact of the breach. This means taking immediate action to stop the unauthorized access or disclosure of personal data, and to prevent it from happening again in the future. This could involve revoking access to the data, notifying the employee who mistakenly sent the data, and implementing security measures to prevent similar breaches from occurring in the future.


https://gdpr-info.eu/art-33-gdpr/

https://gdpr-info.eu/art-34-gdpr/

by Rima at Feb 04, 2023, 07:03 AM

Limited Time Offer

25%

Off

Get Premium CIPM Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Lashaunda
4 months ago
Not sure about B, shouldn't we notify the affected customers right away?
upvoted 0 times
...
Chu
4 months ago
A is important too, but we need to contain the breach first.
upvoted 0 times
...
Chan
5 months ago
Surprised this even happened, how careless!
upvoted 0 times
...
Emiko
5 months ago
I think it should be D, notifying the ICO first makes sense.
upvoted 0 times
...
Loren
5 months ago
Definitely B, containment is key!
upvoted 0 times
...
Jodi
5 months ago
I’m confused about the order. I thought we had to notify the ICO right away, but I could be mixing it up with other regulations.
upvoted 0 times
...
Thurman
5 months ago
I practiced a similar question, and I feel like notifying data subjects comes later. It’s about managing the breach first, I think.
upvoted 0 times
...
Domingo
5 months ago
I’m not entirely sure, but I remember something about notifying the ICO being really important. Maybe that’s the first thing we should do?
upvoted 0 times
...
Bev
5 months ago
I think the first step should be containment of the impact of the breach, right? We need to stop any further data exposure.
upvoted 0 times
...
Chery
5 months ago
I'm pretty confident I know the answer to this one. The rekey process re-encrypts the credential data, but it doesn't de-obfuscate any existing obfuscated passwords.
upvoted 0 times
...
Hannah
5 months ago
Okay, I've got this. The key activities for interacting with the user are things like WriteLine to display output, MessageBox to show dialog boxes, and InputDialog to get user input. I'm feeling good about this one.
upvoted 0 times
...
Isadora
5 months ago
Quick subtraction of the percentages - 92% assumed vs 89% actual. Looks like a 3% difference.
upvoted 0 times
...
Marcelle
6 months ago
Something tells me "show mlag peer-link" sounds right, though I may have muddled it with a similar command about interfaces.
upvoted 0 times
...

Save Cancel