PL-900 · Question #99
PL-900 Question #99: Real Exam Question with Answer & Explanation
The correct answer is B: Prompt a user for consent to use their personal data and record the date consented.. GDPR mandates two things relevant here: (1) obtaining and recording explicit user consent before processing personal data (Article 6/7), making option B correct; and (2) special protections for minors (Article 8), which requires verifiable parental consent for children under 16,
Question
Customer-facing applications must comply with Global Data Protection Regulations (GDPR). You need to recommend actions to help ensure GDPR compliance. Which two features should the company use? Each correct answer presents part of the solution. NOTE: Each correct selection is worth one point.
Options
- AForce a user to update security questions after a specific amount of time.
- BPrompt a user for consent to use their personal data and record the date consented.
- CBlock users who are identified as minors.
- DAutomatically deactivate a user who has not used the portal in six months.
Explanation
GDPR mandates two things relevant here: (1) obtaining and recording explicit user consent before processing personal data (Article 6/7), making option B correct; and (2) special protections for minors (Article 8), which requires verifiable parental consent for children under 16, so blocking unverified minors (C) is a valid compliance measure. Option A (rotating security questions) is a general security practice unrelated to GDPR. Option D (deactivating inactive users) is a security hygiene measure, not a GDPR requirement.
Topics
Community Discussion
No community discussion yet for this question.