CIPT exam

Which of the following is a stage in the data life cycle?A . Data classification. B. Data inventory. C. Data masking. D. Data retention.View AnswerAnswer: D Explanation: The stages in a typical data lifecycle include creation/collection, processing, storage/retention, usage/access/sharing/distribution, archival/preservation and destruction/deletion/disposition 3. Among these options provided here only “Data...

Which is NOT a drawback to using a biometric recognition system?A . It can require more maintenance and support. B. It can be more expensive than other systems C. It has limited compatibility across systems. D. It is difficult for people to use.View AnswerAnswer: A

What must be done to destroy data stored on "write once read many" (WORM) media?A . The data must be made inaccessible by encryption. B. The erase function must be used to remove all data. C. The media must be physically destroyed. D. The media must be reformatted.View AnswerAnswer: C

An organization has recently experienced a data breach where large amounts of personal data were compromised. As part of a post-incident review, the privacy technologist wants to analyze available data to understand what vulnerabilities may have contributed to the incident occurring. He learns that a key vulnerability had been flagged...

When writing security policies, the most important consideration is to?A . Require all employees to read and acknowledge their understanding. B. Ensure they are based on the organization's risk profile. C. Ensure they cover enough details for common situations. D. Follow industry best practices.View AnswerAnswer: B Explanation: the most important...

To meet data protection and privacy legal requirements that may require personal data to be disposed of or deleted when no longer necessary for the use it was collected, what is the best privacy-enhancing solution a privacy technologist should recommend be implemented in application design to meet this requirement?A ....

Which activity best supports the principle of data quality from a privacy perspective?A . Ensuring the data is classified. B. Protecting the data against unauthorized access. C. Ensuring the data is available for use. D. Protecting the data against unauthorized changes.View AnswerAnswer: D Explanation: protecting data against unauthorized changes best...

To comply with the Sarbanes-Oxley Act (SOX), public companies in the United States are required to annually report on the effectiveness of the auditing controls of their financial reporting systems. These controls must be implemented to prevent unauthorized use, disclosure, modification, and damage or loss of financial data. Why do...

A jurisdiction requiring an organization to place a link on the website that allows a consumer to opt-out of sharing is an example of what type of requirement?A . Functional B. Operational C. Technical D. Use caseView AnswerAnswer: B Explanation: a jurisdiction requiring an organization to place a link on...

Data oriented strategies Include which of the following?A . Minimize. Separate, Abstract, Hide. B. Inform, Control, Enforce, Demonstrate. C. Encryption, Hashing, Obfuscation, Randomization. D. Consent. Contract, Legal Obligation, Legitimate interests.View AnswerAnswer: A Explanation: data oriented strategies include minimizing the amount of personal data collected and processed (Minimize), separating personal data...