Question 14
Domain 4: Individual Requests, Complaints and Privacy Incidents
Which action most directly reduces harm to individuals after confirmed credential theft?
Correct answer: A
Explanation
After confirmed credential theft, the immediate risk is unauthorized access using the stolen login data. Rotating credentials and forcing password resets invalidates the compromised passwords, which directly cuts off the attacker’s ability to continue using them and reduces harm to affected individuals.
Why each option is right or wrong
A. Rotate credentials and force password resets
Confirmed credential theft means the exposed passwords or tokens can still be used for account takeover until they are invalidated; the immediate containment step is to reset the affected secrets and revoke any active sessions or tokens. In practice, this is the fastest way to stop further unauthorized access because it removes the attacker’s working authentication material rather than merely monitoring for misuse.
B. Archive the previous quarter's privacy reports
C. Change the company's privacy slogan
D. Collect additional personal data for future investigations