What should be the FIRST step when developing an application link?
An organization wants to develop an application programming interface (API) to seamlessly exchange personal data with an application hosted by a third-party service provider. What should be the FIRST step when developing an application link?
A. Data tagging
B. Data normalization
C. Data mapping
D. Data hashing
Answer: C
Explanation:...
Which of the following should be the FIRST consideration when conducting a privacy impact assessment (PIA)?
A. The applicable privacy legislation
B. The quantity of information within the scope of the assessment
C. The systems in which privacy-related data is stored
D. The organizational security risk profile
Answer: A
Explanation:...
When using pseudonymization to prevent unauthorized access to personal data, which of the following is the MOST important consideration to ensure the data is adequately protected?
A. The data must be protected by multi-factor authentication.
B. The identifier must be kept separate and distinct from the data it protects.
C. ...
Which of the following should an IT privacy practitioner do FIRST before an organization migrates personal data from an on-premise solution to a cloud-hosted solution?
A. Develop and communicate a data security plan.
B. Perform a privacy impact assessment (PIA).
C. Ensure strong encryption is used.
D. Conduct a security...
Which of the following zones within a data lake requires sensitive data to be encrypted or tokenized?
A. Trusted zone
B. Clean zone
C. Raw zone
D. Temporal zone
Answer: C
Explanation: A raw zone is a zone within a data lake that contains unprocessed or unstructured data that is...
Which of the following scenarios poses the GREATEST risk to an organization from a privacy perspective?
A. The organization lacks a hardware disposal policy.
B. Emails are not consistently encrypted when sent internally.
C. Privacy training is carried out by a service provider.
D. The organization’s privacy policy has not...
Which of the following tracking technologies associated with unsolicited targeted advertisements presents the GREATEST privacy risk?
A. Online behavioral tracking
B. Radio frequency identification (RFID)
C. Website cookies
D. Beacon-based tracking
Answer: A
Explanation: Online behavioral tracking is a tracking technology associated with unsolicited targeted advertisements that presents the greatest...
An organization’s data destruction guidelines should require hard drives containing personal data to go through which of the following processes prior to being crushed?
A. Low-level formatting
B. Remote partitioning
C. Degaussing
D. Hammer strike
Answer: C
Explanation: Degaussing is a hard drive sanitization method that uses a powerful magnetic...
Which of the following is the BEST way to distinguish between a privacy risk and compliance risk?
A. Perform a privacy risk audit.
B. Conduct a privacy risk assessment.
C. Validate a privacy risk attestation.
D. Conduct a privacy risk remediation exercise.
Answer: B
Explanation: A privacy risk assessment is...
Which of the following BEST ensures a mobile application implementation will meet an organization’s data security standards?
A. User acceptance testing (UAT)
B. Data classification
C. Privacy impact assessment (PIA)
D. Automatic dynamic code scan
Answer: D
Explanation: A mobile application implementation should meet the organization’s data security standards by...