QUESTION 1
Which of the following provides the MOST useful information when determining the scope of a privacy audit?
A. Business processes
B. Risk assessment results
C. Previous audit reports
D. Data flow mapping
Correct Answer: A
QUESTION 2
Which of the following is the PRIMARY advantage of hardening application software before implementation?
A. Detection of suspected privacy data breaches
B. Reduction in the likelihood of data breaches
C. Prevention of attacks on application systems
D. Compliance with privacy regulatory requirements
Correct Answer: B
QUESTION 3
Which type of information requires the HIGHEST level of protection from a privacy perspective?
A. Fingerprint
B. Salary
C. Residential address
D. Eye color
Correct Answer: A
QUESTION 4
Which of the following should be performed during the final phase of the data life cycle?
A. Data validation
B. Data maintenance
C. Data archival
D. Data disposal
Correct Answer: D
QUESTION 5
In addition to accessibility and authenticity, which other aspect of data is MOST important to maintain for effective data preservation?
A. Portability
B. Redundancy
C. Usability
D. Testability
Correct Answer: B
QUESTION 6
Which of the following is the GREATEST concern related to privacy regulations when implementing geographically redundant backup technology?
A. Date and location tagging
B. Types of media used
C. Restore times
D. Cross-border data centers
Correct Answer: D
QUESTION 7
Which of the following controls BEST helps to maintain the integrity of customer information?
A. Logging
B. Access control lists
C. Encryption
D. Hashing
Correct Answer: C
QUESTION 8
Which of the following would MOST effectively reduce the impact of a successful breach through a remote access solution?
A. Regular testing of system backups
B. Monitoring and reviewing remote access logs
C. Compartmentalizing resource access
D. Regular physical and remote testing of the incident response plan
Correct Answer: D
QUESTION 9
Which of the following is the BEST way to identify vulnerabilities in an organization’s web application that processes personal data?
A. Implement a web application firewall (WAF).
B. Hire a third party to perform blue team exercises.
C. Conduct static application security testing.
D. Conduct dynamic application security testing.
Correct Answer: B
QUESTION 10
Which of the following should be done FIRST when creating specialized training for employees with key duties to protect personal data?
A. Develop metrics to define and measure a successful training program.
B. Identify the key internal and external threats to data protection.
C. Benchmark existing training programs against industry standards.
D. Define the roles, responsibilities, and required skills based on job descriptions
Correct Answer: B
QUESTION 11
Which of the following BEST enables an IT privacy practitioner to ensure appropriate protection for personal data collected that is required to provide necessary services?
A. Understanding the data flows within the organization
B. Anonymizing privacy data during collection and recording
C. Encrypting the data throughout its life cycle
D. Implementing strong access controls on a need-to-know basis
Correct Answer: A
QUESTION 12
Which of the following should be done FIRST to establish privacy by design when developing a contact-tracing application?
A. Conduct a development environment review.
B. Conduct a privacy impact assessment (PIA).
C. Identify differential privacy techniques.
D. Identify privacy controls for the application.
Correct Answer: B
QUESTION 13
Which of the following is the GREATEST concern with retaining personal data for longer than originally intended?
A. More complex technical challenges
B. Increased data quality challenges
C. Added data storage costs
D. Prolonged exposure to data breaches
Correct Answer: D
QUESTION 14
Which of the following is the MOST important control to mitigate the risk of unauthorized users leveraging an active session left behind by an authorized user?
A. Automatic timeout
B. Single sign-on
C. Remote wipe
D. Multi-factor authentication
Correct Answer: A
QUESTION 15
Which of the following is the PRIMARY benefit of implementing policies and procedures for system hardening?
A. It reduces exposure of data.
B. It increases system resiliency.
C. It eliminates attack motivation for data.
D. It reduces external threats to data.
Correct Answer: A
QUESTION 16
Which of the following BEST protects data in transit via remote access?
A. Virtual private network (VPN)
B. Data de-identification
C. Data scrambling
D. Multi-factor authentication
Correct Answer: A
QUESTION 17
Who should own the risk scenarios, such as those for unlawful processing, loss, destruction, and unauthorized disclosure, that support data security monitoring controls?
A. Chief information security officer (CISO)
B. Chief executive officer (CEO)
C. Chief information officer (CIO)
D. Data protection officer (DPO)
Correct Answer: B
QUESTION 18
An organization is opening a new office in a country that has strict privacy regulations regarding consumer data. Which of the following is the BEST way for the senior leadership to ensure the related data processing complies with the country’s requirements?
A. Enact policies that address data privacy risk exposure.
B. Appoint a local data privacy controller.
C. Align data privacy standards with industry standards.
D. Mandate data privacy awareness training.
Correct Answer: A
QUESTION 19
Which of the following is MOST important for an organization to include in its website’s cookie policy?
A. Security controls to protect data
B. Reason for collecting data using cookies
C. Data retention period for browsing history
D. Impact of selecting the option to disable cookies
Correct Answer: B
QUESTION 20
Which of the following is the BEST way to manage different IT staff access permissions for personal data within an organization?
A. Role-based access control
B. Mandatory access control
C. Dedicated access system
D. Network segmentation
Correct Answer: A
We use cookies to improve your experience, including essential cookies required for the website to function. By continuing, you agree to our use of cookies. Learn more.
We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.
Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with customised advertisements based on the pages you visited previously and to analyse the effectiveness of the ad campaigns.
Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.