Exam CIPM All QuestionsBrowse all questions from this exam
Go to Exam
Question 43

SCENARIO -

Please use the following to answer the next question:

It's just what you were afraid of. Without consulting you, the information technology director at your organization launched a new initiative to encourage employees to use personal devices for conducting business. The initiative made purchasing a new, high-specification laptop computer an attractive option, with discounted laptops paid for as a payroll deduction spread over a year of paychecks. The organization is also paying the sales taxes. It's a great deal, and after a month, more than half the organization's employees have signed on and acquired new laptops. Walking through the facility, you see them happily customizing and comparing notes on their new computers, and at the end of the day, most take their laptops with them, potentially carrying personal data to their homes or other unknown locations. It's enough to give you data-protection nightmares, and you've pointed out to the information technology Director and many others in the organization the potential hazards of this new practice, including the inevitability of eventual data loss or theft.

Today you have in your office a representative of the organization's marketing department who shares with you, reluctantly, a story with potentially serious consequences. The night before, straight from work, with laptop in hand, he went to the Bull and Horn Pub to play billiards with his friends. A fine night of sport and socializing began, with the laptop "safely" tucked on a bench, beneath his jacket. Later that night, when it was time to depart, he retrieved the jacket, but the laptop was gone. It was not beneath the bench or on another bench nearby. The waitstaff had not seen it. His friends were not playing a joke on him. After a sleepless night, he confirmed it this morning, stopping by the pub to talk to the cleanup crew. They had not found it. The laptop was missing. Stolen, it seems. He looks at you, embarrassed and upset.

You ask him if the laptop contains any personal data from clients, and, sadly, he nods his head, yes. He believes it contains files on about 100 clients, including names, addresses and governmental identification numbers. He sighs and places his head in his hands in despair.

Which is the best way to ensure that data on personal equipment is protected?

    Correct Answer: C

    The best way to ensure that data on personal equipment is protected is to encrypt the data. Encryption transforms data into an unreadable format that unauthorized individuals cannot access without the proper decryption key or password. Even if the device is lost or stolen, the data remains secure. While user risk training, biometric security, and frequent data backups are important measures, they do not directly prevent unauthorized access to data if the equipment is lost or stolen.

Discussion
Alex951Option: C

It should be C

DracoLOption: C

Should be C. Best way to protect data on personal equipment is to Encrypt the data. User Risk training doesnt ensure that the data is protected, incident still can occur. Even best if the personal equipment is not only encrypted but remotely managed so that can do a remote wipe. The answer again doesnt make any sense. Did Examtopic do a check?

SsouravOption: C

Encryption ensures that even if a device is lost or stolen, unauthorized individuals cannot easily access the data stored on the device without the proper decryption key or password.

DracoLOption: C

Encrypt the data is the best and fastest possible way. Educating the user is also important but human error will happen.

RocketlyOption: C

Devices should always be encrypted to prevent unauthorised access

humhainOption: C

Encryption of the data is the best way to ensure that data on personal equipment is protected, as it prevents unauthorized access to the data even if the equipment is lost or stolen. Encryption is the process of transforming data into an unreadable format that can only be decrypted with a valid key or password. Encryption can be applied to the entire device, a specific folder or file, or a removable storage media. Encryption is one of the most effective technical safeguards for data protection and is recommended by many privacy laws and standards.

carlosbuiOption: C

Should be C

[Removed]Option: C

Should be C