CIPT exam

SCENARIO Please use the following to answer the next question: Light Blue Health (LBH) is a healthcare technology company developing a new web and mobile application that collects personal health information from electronic patient health records. The application will use machine learning to recommend potential medical treatments and medications based...

Value sensitive design focuses on which of the following?A . Quality and benefit. B. Ethics and morality. C. Confidentiality and integrity. D. Consent and human rights.View AnswerAnswer: B Explanation: Value sensitive design (VSD) is a theoretically grounded approach to the design of technology that accounts for human values in a...

Which of the following are the mandatory pieces of information to be included in the documentation of records of processing activities for an organization that processes personal data on behalf of another organization?A . Copies of the consent forms from each data subject. B. Time limits for erasure of different...

An organization is launching a smart watch which, in addition to alerts, will notify the the wearer of incoming calls allowing them to answer on the device. This convenience also comes with privacy concerns and is an example of?A . Value-Sensitive Design. B. Ubiquitous computing. C. Anthropomorphism. D. CouplingView AnswerAnswer:...

What is the goal of privacy enhancing technologies (PETS) like multiparty computation and differential privacy?A . To facilitate audits of third party vendors. B. To protect sensitive data while maintaining its utility. C. To standardize privacy activities across organizational groups. D. To protect the security perimeter and the data items...

SCENARIO Looking back at your first two years as the Director of Personal Information Protection and Compliance for the Berry Country Regional Medical Center in Thorn Bay, Ontario, Canada, you see a parade of accomplishments, from developing state-of-the-art simulation based training for employees on privacy protection to establishing an interactive...

Which of the following functionalities can meet some of the General Data Protection Regulation’s (GDPR’s) Data Portability requirements for a social networking app designed for users in the EU?A . Allow users to modify the data they provided the app. B. Allow users to delete the content they provided the...

SCENARIO Clean-Q is a company that offers house-hold and office cleaning services. The company receives requests from consumers via their website and telephone, to book cleaning services. Based on the type and size of service, Clean-Q then contracts individuals that are registered on its resource database - currently managed in-house...

What is the distinguishing feature of asymmetric encryption?A . It has a stronger key for encryption than for decryption. B. It employs layered encryption using dissimilar methods. C. It uses distinct keys for encryption and decryption. D. It is designed to cross operating systems.View AnswerAnswer: C Explanation: Reference: https://www.cryptomathic.com/news-events/blog/classification-of-cryptographic-keys-functions-and-properties The...

What has been found to undermine the public key infrastructure system?A . Man-in-the-middle attacks. B. Inability to track abandoned keys. C. Disreputable certificate authorities. D. Browsers missing a copy of the certificate authority's public key.View AnswerAnswer: D