PECB Exam GDPR Topic 1 Question 4 Discussion

Actual exam question for PECB's GDPR exam
Question #: 4
Topic #: 1

An organization suffered a personal data breach. The attackers gained access to their database through a user account that had unlimited access to data. What should the DPO advise the organization to do in order to prevent the recurrence of similar scenarios?

Suggested Answer: A

GDPR Article 32(1)(b) emphasizes implementing access controls to ensure data security. Reviewing and restricting account permissions using the principle of least privilege (PoLP) helps prevent unauthorized access. Shared accounts (option C) increase security risks, and using cloud computing (option B) does not directly address access control vulnerabilities.


Contribute your Thoughts:

Alexia
2 days ago
A is the correct answer, no doubt. But I bet the IT team is still going to try and convince the DPO to go with C. 'It's more cost-effective!'
upvoted 0 times
...
Brinda
11 days ago
C? Seriously? Shared accounts are a security nightmare waiting to happen. A is the way to go.
upvoted 0 times
...
Lynelle
14 days ago
Creating and using shared accounts for several users might not be a good idea as it can lead to security vulnerabilities.
upvoted 0 times
...
Lenita
15 days ago
I believe using cloud computing services could also help mitigate the risk of personal data breaches.
upvoted 0 times
...
Barbra
18 days ago
I can already hear the DPO sighing heavily at the mere suggestion of C. 'Do you want to get hacked again? No? Then we're doing A.'
upvoted 0 times
Ashlyn
3 days ago
B) Use cloud computing services to mitigate the risk of personal data breaches
upvoted 0 times
...
Maryln
7 days ago
A) Review if the access control system allows the creation, approval, review, and deletion of user accounts
upvoted 0 times
...
...
Annamaria
19 days ago
I agree with Ivette. It's important to ensure user accounts are created, approved, reviewed, and deleted properly.
upvoted 0 times
...
Ivette
23 days ago
I think the DPO should advise the organization to review the access control system.
upvoted 0 times
...
Ruth
26 days ago
A seems like the obvious choice here. Reviewing the access control system is key to preventing similar breaches.
upvoted 0 times
Wynell
3 days ago
A) Review if the access control system allows the creation, approval, review, and deletion of user accounts
upvoted 0 times
...
...