Fill in the blank:You are the security manager for your company.Your company uses an international cloud service to store data. You are concerned about the fact that data is subject to the laws of the jurisdictions where it’s created, stored and transmitted through. You are concerned about data ____________. (Please type your one-word answer all in lower case. Example: security)

An organization leverages cloud computing to store and process its customer data. Recently, the IT department reported unusual patterns of data access that did not align with typical user behavior. What should be a priority security concern in this context?Compliance with data protection lawsYour answer is incorrectData leakage between tenantsCorrect answerAccess control policiesData sovereignty

You are the IT security manager of a large government department. You want to ensure that only authorized officials can physically access the computers hosting your data. What type of data centre should you use?(1 Point)Off-shore data centreCloud provider data centreOn-premises data centreCommunity cloud

Legal concept of Data Sovereignty means:a.Governance of data protection law of the country in which it is collected, processed and/or storedb.It determines the rules and regulations that data should be subject to regardless where data is storedc.Compliance with data protection laws

The following responsible data principles have widely informed global protection frameworks. Which one of these principles is described INCORRECTLY?a.Consent and choice – Individuals should have the choice and autonomy to freely decide whether and how their data is collected and utilized. They must be adequately informed and be free from coercion when making decisions about sharing their personal information.b.Accountability – Organizations bear responsibility for ethically, legally, and safely collecting, storing, and using data.c.Data minimization and purpose limitations: Data, especially personally identifiable data, should only be collected when it is necessary to achieve a defined outcome. It should not be used for other than its intended purpose, and should not be retained longer than is necessary for the stipulated purpose.d.Transparency – All data collected needs to be open, explicit, and honestly made available in the public domain to ensure adherence to this principle.

You must be based in a jurisdiction that offers the requested data privacy right(s). We use a third party provider to verify if you reside in such a jurisdiction.