CDPSE exam

Which of the following should be considered personal information?A . Biometric recordsB . Company addressC . University affiliationD . AgeView AnswerAnswer: A Explanation: Biometric records are personal information that can be used to identify an individual based on their physical or behavioral characteristics, such as fingerprints, facial recognition, iris scans,...

What type of personal information can be collected by a mobile application without consent?A . Full nameB . GeolocationC . Phone numberD . Accelerometer dataView AnswerAnswer: D Explanation: Reference: https://www.enisa.europa.eu/publications/privacy-and-data-protection-in-mobile-applications/at_download/fullReport Accelerometer data is a type of personal information that can be collected by a mobile application without consent, according to...

What is the PRIMARY means by which an organization communicates customer rights as it relates to the use of their personal information?A . Distributing a privacy rights policyB . Mailing rights documentation to customersC . Publishing a privacy noticeD . Gaining consent when information is collectedView AnswerAnswer: C Explanation: The...

Of the following, who should be PRIMARILY accountable for creating an organization’s privacy management strategy?A . Chief data officer (CDO)B . Privacy steering committeeC . Information security steering committeeD . Chief privacy officer (CPO)View AnswerAnswer: D Explanation: Some organizations, typically those that manage large amounts of personal information related to...

Which of the following MUST be available to facilitate a robust data breach management response?A . Lessons learned from prior data breach responsesB . Best practices to obfuscate data for processing and storageC . An inventory of previously impacted individualsD . An inventory of affected individuals and systemsView AnswerAnswer: D...