ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question
A SaaS provider must update its terms of service to satisfy GDPR and similar laws that require the company to tell subscribers how their personal data will be used. Which statement would MOST directly fulfill this transparency obligation?
The contact address of the data protection officer and instructions for submitting subject access requests.
A concise explanation of why each category of personal data is processed and the types of external parties that may receive it.
A description of the encryption algorithms and key-management practices that protect stored personal data.
A list of every personal data element collected and the period for which each element will be retained.
Privacy statutes such as GDPR Articles 13-14 and U.S. state laws require two key elements to explain how personal data will be used: (1) a clear explanation of the specific purposes for processing and (2) disclosure of the categories of third-party recipients (e.g., cloud hosts, payment processors) that may get access. Listing data elements and retention periods, describing encryption methods, and posting the DPO's contact address are all important privacy disclosures, but none of them by itself tells the user why the data is processed and who else might receive it, so they do not completely satisfy the requirement to explain data usage.
ISC2 Certified Secure Software Lifecycle Professional (CSSLP)
Secure Software Requirements