CDPSE exam

During which of the following system lifecycle stages is it BEST to conduct a privacy impact assessment (PIA) on a system that holds personal data?A . Functional testingB . DevelopmentC . ProductionD . User acceptance testing (UAT)View AnswerAnswer: B Explanation: A PIA is a systematic process to identify and evaluate...

An organization is creating a personal data processing register to document actions taken with personal data. Which of the following categories should document controls relating to periods of retention for personal data?A . Data archivingB . Data storageC . Data acquisitionD . Data inputView AnswerAnswer: A Explanation: However, the risks...

Which of the following BEST enables an IT privacy practitioner to ensure appropriate protection for personal data collected that is required to provide necessary services?A . Understanding the data flows within the organizationB . Implementing strong access controls on a need-to-know basisC . Anonymizing privacy data during collection and recordingD...

A multinational corporation is planning a big data initiative to help with critical business decisions. Which of the following is the BEST way to ensure personal data usage is standardized across the entire organization?A . De-identify all data.B . Develop a data dictionary.C . Encrypt all sensitive data.D . Perform...

Which of the following would MOST effectively reduce the impact of a successful breach through a remote access solution?A . Compartmentalizing resource accessB . Regular testing of system backupsC . Monitoring and reviewing remote access logsD . Regular physical and remote testing of the incident response planView AnswerAnswer: A Explanation:...

Which of the following should be the FIRST consideration when selecting a data sanitization method?A . Risk toleranceB . Implementation costC . Industry standardsD . Storage typeView AnswerAnswer: D Explanation: The first consideration when selecting a data sanitization method is the type of storage device that holds the data to...

An email opt-in form on a website applies to which privacy principle?A . AccuracyB . ConsentC . TransparencyD . IntegrityView AnswerAnswer: B Explanation: Reference: https://www.isaca.org/resources/isaca-journal/issues/2016/volume-6/an-ethical-approach-to-data-privacy-protection Consent is a privacy principle that requires obtaining the permission or agreement of the data subjects before collecting, using, disclosing or transferring their personal data...

What should be the PRIMARY consideration of a multinational organization deploying a user and entity behavior analytics (UEBA) tool to centralize the monitoring of anomalous employee behavior?A . Cross-border data transferB . Support staff availability and skill setC . User notificationD . Global public interestView AnswerAnswer: A Explanation: The primary...

To ensure effective management of an organization’s data privacy policy, senior leadership MUST define:A . training and testing requirements for employees handling personal data.B . roles and responsibilities of the person with oversights.C . metrics and outcomes recommended by external agencies.D . the scope and responsibilities of the data owner.View...

When choosing data sources to be used within a big data architecture, which of the following data attributes MUST be considered to ensure data is not aggregated?A . AccuracyB . GranularityC . ConsistencyD . ReliabilityView AnswerAnswer: B Explanation: Reference: https://www.techopedia.com/definition/31722/granular-data Granularity is the level of detail or specificity of the...