nerdexam
Isaca

CDPSE · Question #13

Which of the following is the PRIMARY consideration to ensure control of remote access is aligned to the privacy policy?

The correct answer is D. Access is only granted to authorized users.. The foundational principle of access control is authorization - ensuring that only users who are permitted to access personal data can do so remotely. If unauthorized users can gain remote access, no amount of logging, MFA, or monitoring can fully compensate for that failure. VPN

Privacy Architecture

Question

Which of the following is the PRIMARY consideration to ensure control of remote access is aligned to the privacy policy?

Options

  • AAccess is logged on the virtual private network (VPN).
  • BMulti-factor authentication is enabled.
  • CActive remote access is monitored.
  • DAccess is only granted to authorized users.

How the community answered

(30 responses)
  • A
    3% (1)
  • B
    7% (2)
  • D
    90% (27)

Explanation

The foundational principle of access control is authorization - ensuring that only users who are permitted to access personal data can do so remotely. If unauthorized users can gain remote access, no amount of logging, MFA, or monitoring can fully compensate for that failure. VPN logging (A) and active monitoring (C) are detective controls that identify issues after the fact. MFA (B) is an authentication control that strengthens identity verification but does not by itself enforce who is authorized. Granting access only to authorized users (D) is the primary preventive control that aligns remote access with privacy policy.

Topics

#Remote Access Control#Privacy Policy Alignment#Access Management#Authorization

Community Discussion

No community discussion yet for this question.

Full CDPSE Practice