Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Isaca Exam CDPSE Topic 3 Question 38 Discussion

Actual exam question for Isaca's Certified Data Privacy Solutions Engineer exam
Question #: 38
Topic #: 3
[All Certified Data Privacy Solutions Engineer Questions]

Which of the following principles is MOST important to apply when granting access to an enterprise resource planning (ERP) system that contains a significant amount of personal data?

Show Suggested Answer Hide Answer
Suggested Answer: B

The principle of least privilege is the most important principle to apply when granting access to an ERP system that contains a significant amount of personal dat

a. The principle of least privilege states that users should only have the minimum level of access and permissions necessary to perform their legitimate tasks and functions, and no more. Applying the principle of least privilege helps to protect the privacy and security of the personal data in the ERP system, as it reduces the risk of unauthorized or inappropriate access, disclosure, modification, or deletion of the data. It also helps to comply with the privacy laws and regulations, such as the GDPR, that require data controllers and processors to implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk.


by Jess at Apr 11, 2024, 10:12 PM

Limited Time Offer

25%

Off

Get Premium CDPSE Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Horace
10 days ago
You know what they say, 'with great power comes great responsibility.' That's why I'm leaning towards Least Privilege. Let's give people just enough access to get their jobs done, and no more.
upvoted 0 times
...
Sherell
12 days ago
Ooh, good point. Segregation of Duties is definitely up there. Can't have one person controlling everything, that's just asking for trouble. Although, I still think Least Privilege is the way to go.
upvoted 0 times
...
Armanda
13 days ago
Hmm, I don't know. Segregation of Duties seems pretty important too. We gotta make sure no one person has too much power over the system, you know? Checks and balances and all that.
upvoted 0 times
...
Inocencia
14 days ago
Data Minimization, huh? I like the way you think. Less data to worry about means less risk of a breach. Plus, it's just good privacy practice. I'm going with that one.
upvoted 0 times
...
Alpha
16 days ago
I agree, Least Privilege is key. But I also think Data Minimization is crucial. We should only be collecting and storing the personal data that's absolutely necessary. Anything else is just asking for trouble down the line.
upvoted 0 times
...
Portia
18 days ago
Hmm, this is a tough one. I'd say Least Privilege is the most important principle here. We need to make sure users only have access to the bare minimum they need to do their jobs. Anything more could be a security nightmare waiting to happen.
upvoted 0 times
...

Save Cancel