Certified Data Privacy Solutions Engineer v1.0

Page:    1 / 18   
Exam contains 264 questions

Which of the following scenarios poses the GREATEST risk to an organization from a privacy perspective?

  • A. The organization lacks a hardware disposal policy.
  • B. Emails are not consistently encrypted when sent internally.
  • C. Privacy training is carried out by a service provider.
  • D. The organization’s privacy policy has not been reviewed in over a year.


Answer : D

Within a business continuity plan (BCP), which of the following is the MOST important consideration to ensure the ability to restore availability and access to personal data in the event of a data privacy incident?

  • A. Offline backup availability
  • B. Recovery time objective (RTO)
  • C. Recovery point objective (RPO)
  • D. Online backup frequency


Answer : A

In which of the following should the data record retention period be defined and established?

  • A. Data record model
  • B. Data recovery procedures
  • C. Data quality standard
  • D. Data management plan


Answer : D

When tokenizing credit card data, what security practice should be employed with the original data before it is stored in a data lake?

  • A. Encoding
  • B. Backup
  • C. Encryption
  • D. Classification


Answer : C

Which key stakeholder within an organization should be responsible for approving the outcomes of a privacy impact assessment (PIA)?

  • A. Data custodian
  • B. Privacy data analyst
  • C. Data processor
  • D. Data owner


Answer : D

Which of the following is the best reason for a health organization to use desktop virtualization to implement stronger access control to systems containing patient records?

  • A. Limited functions and capabilities of a secured operating environment
  • B. Monitored network activities for unauthorized use
  • C. Improved data integrity and reduced effort for privacy audits
  • D. Unlimited functionalities and highly secured applications


Answer : B

What is the BEST way for an organization to maintain the effectiveness of its privacy breach incident response plan?

  • A. Require security management to validate data privacy security practices.
  • B. Involve the privacy office in an organizational review of the incident response plan.
  • C. Hire a third party to perform a review of data privacy processes.
  • D. Conduct annual data privacy tabletop exercises.


Answer : B

Which of the following is MOST important when developing an organizational data privacy program?

  • A. Obtaining approval from process owners
  • B. Profiling current data use
  • C. Following an established privacy framework
  • D. Performing an inventory of all data


Answer : B

Which of the following should be considered personal information?

  • A. Biometric records
  • B. Company address
  • C. University affiliation
  • D. Age


Answer : A

Which of the following should an IT privacy practitioner do FIRST following a decision to expand remote working capability to all employees due to a global pandemic?

  • A. Evaluate the impact resulting from this change.
  • B. Revisit the current remote working policies.
  • C. Implement a virtual private network (VPN) tool.
  • D. Enforce multi-factor authentication for remote access.


Answer : B

When using anonymization techniques to prevent unauthorized access to personal data, which of the following is the MOST important consideration to ensure the data is adequately protected?

  • A. The key must be kept separate and distinct from the data it protects.
  • B. The data must be protected by multi-factor authentication.
  • C. The key must be a combination of alpha and numeric characters.
  • D. The data must be stored in locations protected by data loss prevention (DLP) technology.


Answer : D

Which party should data subject contact FIRST if they believe their personal information has been collected and used without consent?

  • A. Privacy rights advocate
  • B. Outside privacy counsel
  • C. Data protection authorities
  • D. The organization’s chief privacy officer (CPO)


Answer : C

Which of the following BEST enables an IT privacy practitioner to ensure appropriate protection for personal data collected that is required to provide necessary services?

  • A. Understanding the data flows within the organization
  • B. Implementing strong access controls on a need-to-know basis
  • C. Anonymizing privacy data during collection and recording
  • D. Encrypting the data throughout its life cycle


Answer : A

Which of the following tracking technologies associated with unsolicited targeted advertisements presents the GREATEST privacy risk?

  • A. Online behavioral tracking
  • B. Radio frequency identification (RFID)
  • C. Website cookies
  • D. Beacon-based tracking


Answer : C

Which of the following should an IT privacy practitioner do FIRST before an organization migrates personal data from an on-premise solution to a cloud-hosted solution?

  • A. Develop and communicate a data security plan.
  • B. Perform a privacy impact assessment (PIA).
  • C. Ensure strong encryption is used.
  • D. Conduct a security risk assessment.


Answer : B

Page:    1 / 18   
Exam contains 264 questions

Talk to us!


Have any questions or issues ? Please dont hesitate to contact us

Certlibrary.com is owned by MBS Tech Limited: Room 1905 Nam Wo Hong Building, 148 Wing Lok Street, Sheung Wan, Hong Kong. Company registration number: 2310926
Certlibrary doesn't offer Real Microsoft Exam Questions. Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.
Terms & Conditions | Privacy Policy