CDPSE exam

Which of the following is MOST important to consider when managing changes to the provision of services by a third party that processes personal data?A . Changes to current information architectureB . Updates to data life cycle policyC . Business impact due to the changesD . Modifications to data quality...

Which of the following poses the GREATEST privacy risk for client-side application processing?A . Failure of a firewall protecting the company networkB . An employee loading personal information on a company laptopC . A remote employee placing communication software on a company serverD . A distributed denial of service attack...

Which of the following BEST ensures data confidentiality across databases?A . Logical data modelB . Data normalizationC . Data catalog vocabularyD . Data anonymizationView AnswerAnswer: D Explanation: The best way to ensure data confidentiality across databases is to use data anonymization, which is a process of removing or modifying personal...

Which of the following helps define data retention time is a stream-fed data lake that includes personal data?A . Information security assessmentsB . Privacy impact assessments (PIAs)C . Data privacy standardsD . Data lake configurationView AnswerAnswer: B Explanation: A privacy impact assessment (PIA) is a systematic process of identifying and...

Which of the following is a PRIMARY objective of performing a privacy impact assessment (PIA) prior to onboarding a new Software as a Service (SaaS) provider for a customer relationship management (CRM) system?A . To identify controls to mitigate data privacy risksB . To classify personal data according to the...

What is the BEST method to protect customers’ personal data that is forwarded to a central system for analysis?A . PseudonymizationB . DeletionC . EncryptionD . AnonymizationView AnswerAnswer: A Explanation: Pseudonymization is a technique that replaces direct identifiers in a data set with pseudonyms or artificial identifiers that do not...

Which of the following processes BEST enables an organization to maintain the quality of personal data?A . Implementing routine automatic validationB . Maintaining hashes to detect changes in dataC . Encrypting personal data at restD . Updating the data quality standard through periodic reviewView AnswerAnswer: A Explanation: The best way...

Which of the following is the GREATEST concern for an organization subject to cross-border data transfer regulations when using a cloud service provider to store and process data?A . The service provider has denied the organization’s request for right to audit.B . Personal data stored on the cloud has not...

Which of the following is the MOST important consideration when determining retention periods for personal data?A . Sectoral best practices for the industryB . Notice provided to customers during data collectionC . Data classification standardsD . Storage capacity available for retained dataView AnswerAnswer: B Explanation: The notice provided to customers...

Which of the following should be done FIRST to address privacy risk when migrating customer relationship management (CRM) data to a new system?A . Develop a data migration plan.B . Conduct a legitimate interest analysis (LIA).C . Perform a privacy impact assessment (PIA).D . Obtain consent from data subjects.View AnswerAnswer:...