CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. IAPP
  5. CIPT

Free CIPT Exam Braindumps (page: 27)

Page 26 of 54
PDF with 285 Questions

Which of the following is NOT relevant to a user exercising their data portability rights?

  1. Notice and consent for the downloading of data.
  2. Detection of phishing attacks against the portability interface.
  3. Re-authentication of an account, including two-factor authentication as appropriate.
  4. Validation of users with unauthenticated identifiers (e.g. IP address, physical address).

Answer(s): D



In order to prevent others from identifying an individual within a data set, privacy engineers use a cryptographically-secure hashing algorithm. Use of hashes in this way illustrates the privacy tactic known as what?

  1. Isolation.
  2. Obfuscation.
  3. Perturbation.
  4. Stripping.

Answer(s): B



An organization based in California, USA is implementing a new online helpdesk solution for recording customer call information. The organization considers the capture of personal data on the online helpdesk solution to be in the interest of the company in best servicing customer calls.

Before implementation, a privacy technologist should conduct which of the following?

  1. A Data Protection Impact Assessment (DPIA) and consultation with the appropriate regulator to ensure legal compliance.
  2. A privacy risk and impact assessment to evaluate potential risks from the proposed processing operations.
  3. A Legitimate Interest Assessment (LIA) to ensure that the processing is proportionate and does not override the privacy, rights and freedoms of the customers.
  4. A security assessment of the help desk solution and provider to assess if the technology was developed with a security by design approach.

Answer(s): C



Which technique is most likely to facilitate the deletion of every instance of data associated with a deleted user account from every data store held by an organization?

  1. Auditing the code which deletes user accounts.
  2. Building a standardized and documented retention program for user data deletion.
  3. Monitoring each data store for presence of data associated with the deleted user account.
  4. Training engineering teams on the importance of deleting user accounts their associated data from all data stores when requested.

Answer(s): C






Post your Comments and Discuss IAPP CIPT exam with other Community members:

CIPT Discussions & Posts