CIPT exam

SCENARIO Please use the following to answer the next question: Looking back at your first two years as the Director of Personal Information Protection and Compliance for the St. Anne’s Regional Medical Center in Thorn Bay, Ontario, Canada, you see a parade of accomplishments, from developing state-of-the-art simulation based training...

Which of the following is an example of the privacy risks associated with the Internet of Things (loT)?A . A group of hackers infiltrate a power grid and cause a major blackout.B . An insurance company raises a person’s rates based on driving habits gathered from a connected car.C ....

A user who owns a resource wants to give other individuals access to the resource . What control would apply?A . Mandatory access control.B . Role-based access controls.C . Discretionary access control.D . Context of authority controls.View AnswerAnswer: B Explanation: Reference: https://docs.microsoft.com/bs-latn-ba/azure/role-based-access-control/overview

Which Organization for Economic Co-operation and Development (OECD) privacy protection principle encourages an organization to obtain an individual s consent before transferring personal information?A . Individual participation.B . Purpose specification.C . Collection limitation.D . Accountability.View AnswerAnswer: C Explanation: Reference: http://oecdprivacy.org

What Privacy by Design (PbD) element should include a de-identification or deletion plan?A . Categorization.B . Remediation.C . Retention.D . SecurityView AnswerAnswer: C

Which of the following is an example of drone “swarming”?A . A drone filming a cyclist from above as he rides.B . A drone flying over a building site to gather data.C . Drones delivering retailers’ packages to private homes.D . Drones communicating with each other to perform a search...

SCENARIO Please use the following to answer the next question: Light Blue Health (LBH) is a healthcare technology company developing a new web and mobile application that collects personal health information from electronic patient health records. The application will use machine learning to recommend potential medical treatments and medications based...

A key principle of an effective privacy policy is that it should be?A . Written in enough detail to cover the majority of likely scenarios.B . Made general enough to maximize flexibility in its application.C . Presented with external parties as the intended audience.D . Designed primarily by the organization's...

An organization based in California, USA is implementing a new online helpdesk solution for recording customer call information. The organization considers the capture of personal data on the online helpdesk solution to be in the interest of the company in best servicing customer calls. Before implementation, a privacy technologist should...

SCENARIO Clean-Q is a company that offers house-hold and office cleaning services. The company receives requests from consumers via their website and telephone, to book cleaning services. Based on the type and size of service, Clean-Q then contracts individuals that are registered on its resource database - currently managed in-house...