Crucial Exams

ISC2 Certified Secure Software Lifecycle Professional (CSSLP) Practice Question

During a GDPR gap analysis, you are asked how the SaaS platform will fulfil a user's "right to be forgotten" request. Which approach best demonstrates compliance for personal data that also exists in nightly encrypted backups?

  • Purge the records from production databases at once and configure backup retention so the same records are automatically overwritten or cryptographically shredded at the next scheduled rotation.

  • Mark the records as inactive, deny further processing, but leave all identifiers in both production and backup datasets indefinitely.

  • Encrypt the records with a new key held only by administrators and document that as equivalent to deletion.

  • Delete the records from live systems yet keep them in the analytics data lake and backups for trend analysis purposes.

ISC2 Certified Secure Software Lifecycle Professional (CSSLP)
Secure Software Requirements
Your Score:
Settings & Objectives
Random Mixed
Questions are selected randomly from all chosen topics, with a preference for those you haven’t seen before. You may see several questions from the same objective or domain in a row.
Rotate by Objective
Questions cycle through each objective or domain in turn, helping you avoid long streaks of questions from the same area. You may see some repeat questions, but the distribution will be more balanced across topics.

Check or uncheck an objective to set which questions you will receive.

Wipe Score
Bash, the Crucial Exams Chat Bot
AI Bot