Client GDPR and Protecting Information Quiz Play Pause Unmute Mute Do you know the GDPR laws? Is your businesses following GDPR and protecting information correctly? Answer the questions below to find out… Cyber Security - GDPR and Protecting Information Your Company Name*Name* First Last Your email address* What type of information would have a very low impact if it was leaked to criminals?*The content of marketing brochuresThe names and addresses of customersThe business case for a new productThe company's internal phone bookUnder the GDPR, which is a right you have as a 'data subject'?*The right to have access to my informationThe right to sell my informationThe right to move my information to the cloudThe right to be paid for my informationYou must exercise your right to [?], if you want to move data that you provided to a new service provider.*accessconsentdeletionportabilityThe GDPR only applies to organizations that...*process hardcopy personal data.offer social networking platforms.charge fees for their products or services.offer products or services into the EU.You want to transfer some data at work using a USB stick. What should you do?*Only use a USB stick that has no other data on itOnly use a USB stick that I have purchased myselfOnly use a USB stick for transferring non-confidential informationOnly use a USB stick that has been provided by the IT departmentIf your personal information is stolen, you...*cannot change your password.may be the victim of fraud.may forget your password.cannot prove your identity.How should customer information be handled?*In accordance with company rulesWith enough care not to destroy itBy encrypting it at all timesLike any other piece of informationHow must data always be processed?*With consent from the data sellerElectronically and in a digital formatIn a data centre to ensure availability at all timesLawfully, fairly, and in a transparent mannerWhen should you use software to lock your computer screen?*When I am typing confidential informationWhen it is not in useWhen I'm not actually typing anythingWhen it is shut down and safely storedWhich of these is a risk that might be caused by exposing your personal information on the internet?*Application errorsNetwork failureI might not be able to log inMy reputation could be affectedWhat is the GDPR?*The rules governing a financial transactionA guidance for driverless carsA data protection lawA data deletion softwareWhat is the main risk if you don't handle confidential information properly?*The information could be incorrect.The information could be destroyed.The information could be difficult to find.The information could be stolen.In what situation must data controllers NOT retain data?*When the data is more than 10 years oldWhen money can't be made from the data anymoreWhen there is no legal obligation, or the data is no longer requiredWhen the data processor has changed and has been replaced by a new processorUnder the GDPR, what should be considered when processing personal data?*How long it will take to collect and process the dataThe impact on the rights and freedoms of the data subjectWhether the data subject cares about the processing of their personal dataHow much data can be stored on the system, and whether cloud services will be requiredWhich statement about downloading security patches is correct?*It is not effective, because your data may be stolen anyway.It is essential, because it protects your personal informationIt is a waste of time and money, because previous versions work fine.It is not essential, because it is fine to wait for the next release.You are walking into a shop when you see a memory stick on the floor. What should you do?*Ignore it, because it would be stealing to pick it upTake it home and use it for personal informationFormat and run a virus scan on it before using itTake it home and use it for non-sensitive informationWhich is the BEST way of securing sensitive information stored on removable devices?*Keep the removable device wrapped in protective materialCheck the data on the device regularly to make sure it is completePassword protect and encrypt the data on the removable deviceOnly use the device once so that it won't be overused and damagedWhich is an example of sensitive personal information?*My date of birthMy nameMy job titleMy work addressYou just bought a new mobile phone and put your data on it. What should you do with your old phone to protect your personal information?*I should sell it on a trustworthy auction site because it will only be purchased by a trustworthy person.I should check that I did not forget to transfer any of my personal information from it to the new phoneI should make sure that my personal information is permanently removed using a memory wipe utility or factory reset functionI should keep it stored in a safe place until the personal information on it is out of date.You have encrypted some customer data that you are going to send to another office. How should you send the password?*I should send the password in a separate email to the confidential data.I should text the password to the email recipient.I should include the password in the email with the confidential data.The email with the data should tell the other office to phone me and ask for the passwordWhat is an impact of losing a removable device containing sensitive company information?*Criminals will be able to install malware programmes on my computer.The company will have to update the anti-virus software on all computers.The security patches on my computer will not be kept up to date.The company may be fined by a regulator for the loss of information.An organization processing your data must ensure that your data...*is always saved in the cloud and encrypted.is shared with other companies.is always processed lawfully.is anonymized.How should you use a USB stick securely?*Only use an approved one that has been provided by your employerOnly use one that has been used several times before, as it will be safeOnly use one that has been purchased from an approved supplierOnly use one with a capacity that is just large enough to store the information you want to put on itUnder the GDPR, in which situation can a data controller process personal data?*When the data controller is interested in processing personal dataWhen the data processor wants to send out marketing emailsWhen there is a legal obligation to process the dataWhen the data needs to be transferred to a third partyAgreement - Your data will be retained for the anonomised purpose of statistical analysis* I agree EmailThis field is for validation purposes and should be left unchanged.