IAPP CIPP-E Exam - Topic 7 Question 67 Discussion

Actual exam question for IAPP's CIPP-E exam

Question #: 67
Topic #: 7

It a company receives an anonymous email demanding ransom for the stolen personal data of its clients, what must the company do next, per GDPR requirements'3

ANotify the police and Tile a criminal complaint about the incident

BStart an investigation to understand the incident's possible scope, duration and nature

CSend a notification to the competent supervisory authority describing the incident.

DSend an email about the incident to all clients and ask them to change their passwords

Show Suggested Answer

Suggested Answer: C

by Geoffrey at Mar 24, 2023, 06:56 AM

Limited Time Offer

25%

Off

Get Premium CIPP-E Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Wilbert

4 months ago

Wait, they only have 72 hours? That seems so short!

upvoted 0 times

...

Cherri

4 months ago

A and C are also important steps, but B comes first.

upvoted 0 times

...

Allene

5 months ago

I thought they had to notify clients right away?

upvoted 0 times

...

Vicky

5 months ago

Definitely B! Investigating the scope is crucial.

upvoted 0 times

...

Ira

5 months ago

The company must notify the supervisory authority within 72 hours.

upvoted 0 times

...

Flo

5 months ago

I practiced a question similar to this, and I think they need to notify clients right away, but I’m not sure if that’s the best first step.

upvoted 0 times

...

Kallie

5 months ago

I feel like notifying the police is necessary, but I can't recall if it's the first thing they should do. Is that option A?

upvoted 0 times

...

Yvonne

5 months ago

I'm not entirely sure, but I remember something about notifying the supervisory authority being important too. Maybe that's option C?

upvoted 0 times

...

Carline

5 months ago

I think the company should definitely start an investigation first to understand what happened. That seems like a crucial step.

upvoted 0 times

...

Micah

5 months ago

Hmm, I'm not sure about this one. I'll have to review the company's policies on using work email for personal matters.

upvoted 0 times

...

Natalie

5 months ago

This seems straightforward enough. I'd go with checking the Nginx logs for response times. That's probably the most direct way to identify the root cause of the slow page loads.

upvoted 0 times

...

Lavera

6 months ago

I think the active-active replication option is crucial here, but I'm not entirely sure if A or C is the best choice. It feels like both have similar elements.

upvoted 0 times

...