CIPT exam

An organization is launching a new online subscription-based publication. As the service is not aimed at children, users are asked for their date of birth as part of the of the sign-up process. The privacy technologist suggests it may be more appropriate ask if an individual is over 18 rather...

What is the main function of the Amnesic Incognito Live System or TAILS device?A . It allows the user to run a self-contained computer from a USB device. B. It accesses systems with a credential that leaves no discernable tracks. C. It encrypts data stored on any computer on a...

Which of the following CANNOT be effectively determined during a code audit?A . Whether access control logic is recommended in all cases. B. Whether data is being incorrectly shared with a third-party. C. Whether consent is durably recorded in the case of a server crash. D. Whether the differential privacy...

SCENARIO WebTracker Limited is a cloud-based online marketing service located in London. Last year, WebTracker migrated its IT infrastructure to the cloud provider AmaZure, which provides SQL Databases and Artificial Intelligence services to WebTracker. The roles and responsibilities between the two companies have been formalized in a standard contract, which...

Which of the following would best improve an organization’ s system of limiting data use?A . Implementing digital rights management technology. B. Confirming implied consent for any secondary use of data. C. Applying audit trails to resources to monitor company personnel. D. Instituting a system of user authentication for company...

What would be an example of an organization transferring the risks associated with a data breach?A . Using a third-party service to process credit card transactions. B. Encrypting sensitive personal data during collection and storage C. Purchasing insurance to cover the organization in case of a breach. D. Applying industry...

Why is first-party web tracking very difficult to prevent?A . The available tools to block tracking would break most sites’ functionality. B. Consumers enjoy the many benefits they receive from targeted advertising. C. Regulatory frameworks are not concerned with web tracking. D. Most browsers do not support automatic blocking.View AnswerAnswer:...

Between November 30th and December 2nd, 2013, cybercriminals successfully infected the credit card payment systems and bypassed security controls of a United States-based retailer with malware that exfiltrated 40 million credit card numbers. Six months prior, the retailer had malware detection software installed to prevent against such an attack. Which...

SCENARIO Wesley Energy has finally made its move, acquiring the venerable oil and gas exploration firm Lancelot from its long-time owner David Wilson. As a member of the transition team, you have come to realize that Wilson's quirky nature affected even Lancelot's data practices, which are maddeningly inconsistent. “The old...

Truncating the last octet of an IP address because it is NOT needed is an example of which privacy principle?A . Use Limitation B. Data Minimization C. Purpose Limitation D. Security SafeguardsView AnswerAnswer: B Explanation: truncating the last octet of an IP address because it is not needed is an...