CDPSE · Question #13
Which of the following is the PRIMARY consideration to ensure control of remote access is aligned to the privacy policy?
The correct answer is D. Access is only granted to authorized users.. The foundational principle of access control is authorization - ensuring that only users who are permitted to access personal data can do so remotely. If unauthorized users can gain remote access, no amount of logging, MFA, or monitoring can fully compensate for that failure. VPN
Question
Which of the following is the PRIMARY consideration to ensure control of remote access is aligned to the privacy policy?
Options
- AAccess is logged on the virtual private network (VPN).
- BMulti-factor authentication is enabled.
- CActive remote access is monitored.
- DAccess is only granted to authorized users.
How the community answered
(30 responses)- A3% (1)
- B7% (2)
- D90% (27)
Explanation
The foundational principle of access control is authorization - ensuring that only users who are permitted to access personal data can do so remotely. If unauthorized users can gain remote access, no amount of logging, MFA, or monitoring can fully compensate for that failure. VPN logging (A) and active monitoring (C) are detective controls that identify issues after the fact. MFA (B) is an authentication control that strengthens identity verification but does not by itself enforce who is authorized. Granting access only to authorized users (D) is the primary preventive control that aligns remote access with privacy policy.
Topics
Community Discussion
No community discussion yet for this question.