Skip to Content
Home GDPR & Data Protection Compliance GDPR & Data Protection Compliance

GDPR & Data Protection Compliance

0 %

Completed

Course content

GDPR & Data Protection Compliance

10 XP
Prev Next
Fullscreen Share
Rating
0 0

There are no comments for now.

Join this Course
to be the first to leave a comment.

1. Which of the following BEST describes personal data under GDPR?
Only financial information Only passport and driving licence numbers Publicly available company information only Any information relating to an identifiable individual
2. A consultant exports a client user list containing names and email addresses onto a personal USB drive for convenience. Why is this a risk?
USB drives reduce internet speed Personal devices may not meet approved security controls GDPR only applies to printed records Exporting data is always prohibited
3. Which GDPR principle requires organisations to collect only information necessary for a specific purpose?
Transparency Data minimisation Storage limitation Accountability
4. Which of the following is considered special category data?
Office location Work laptop serial number Corporate email signature Health information
5. You receive an email containing personal data that was clearly sent to you by mistake. What should you do?
Report the incident appropriately and avoid unnecessary sharing Ignore the email permanently Forward it to colleagues for awareness Store the information locally in case it is needed later
6. Which of the following is the BEST example of secure data handling?
Sharing client data through personal messaging applications Uploading confidential data into public AI tools Using approved encrypted company systems for file sharing Saving client exports on unmanaged personal devices
7. What is the main purpose of GDPR?
To eliminate all cyber attacks To protect personal data and privacy rights To regulate software licensing globally To replace company security policies
8. Which action is MOST likely to result in a personal data breach?
Sending sensitive information to the wrong external contact Locking your workstation when unattended Verifying email recipients carefully Using MFA on company accounts
9. Why should employees avoid storing unnecessary personal data?
Storage is always illegal under GDPR GDPR requires data to be limited and retained only as necessary Personal data cannot be encrypted Archived information cannot be deleted later
10. A client requests a copy of all personal data held about them. What should an employee do?
Ignore the request unless management approves verbally Delete the data immediately Send all available data directly without verification Escalate the request through the approved process
11. Which of the following is a lawful basis for processing personal data?
Contractual necessity Convenience only Personal curiosity Informal verbal approval from colleagues
12. Why is least privilege important for data protection?
It limits access to only the information required for a role It improves internet performance It removes the need for encryption It allows shared administrator accounts
13. Which of the following should NEVER be entered into public AI tools unless explicitly approved?
Public marketing text Published press releases Client personal data and credentials Non-confidential meeting agendas
14. What should employees do if they suspect a personal data breach has occurred?
Wait to see whether anyone notices Attempt to hide the incident Delete relevant evidence to reduce impact Report it immediately using approved procedures
15. Which of the following BEST demonstrates good GDPR compliance?
Accessing personal data only when required for legitimate business purposes Sharing credentials within project teams to simplify access Retaining all personal data indefinitely Using personal email accounts for client communications
16. Why is verifying recipients before sending sensitive information important?
To reduce mailbox storage usage To help prevent accidental disclosure of personal data To avoid password complexity requirements To improve email delivery speed
17. Which statement about GDPR responsibilities is correct?
GDPR only applies to HR teams Only management is responsible for data protection GDPR applies only to printed records All employees handling personal data have responsibilities under GDPR
18. Which of the following is an example of poor data handling practice?
Downloading excessive client data unnecessarily Encrypting sensitive files Following retention policies Using approved secure systems
19. What is the BEST response if you are unsure whether information can be shared?
Share it internally to save time Upload it to collaboration platforms temporarily Seek guidance before sharing the information Assume existing access means approval
20. What is the overall BEST approach to GDPR and data protection compliance?
Handling personal data carefully, securely, and only where necessary Prioritising convenience over policy Retaining all records indefinitely in case they are useful later Sharing data freely within project teams