New Year Special Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: mxmas70

Home > IAPP > Information Privacy Technologist > CIPT

CIPT Certified Information Privacy Technologist Question and Answers

Question # 4

What is the term for information provided to a social network by a member?

A.

Profile data.

B.

Declared data.

C.

Personal choice data.

D.

Identifier information.

Full Access
Question # 5

Which of the following modes of interaction often target both people who personally know and are strangers to the attacker?

A.

Spam.

B.

Phishing.

C.

Unsolicited sexual imagery.

D.

Consensually-shared sexual imagery.

Full Access
Question # 6

After committing to a Privacy by Design program, which activity should take place first?

A.

Create a privacy standard that applies to all projects and services.

B.

Establish a retention policy for all data being collected.

C.

Implement easy to use privacy settings for users.

D.

Perform privacy reviews on new projects.

Full Access
Question # 7

Which Privacy by Design principle requires architects and operators to emphasize the interests of the individual by offering measures such as strong privacy defaults, appropriate

notice, and user-friendly options?

A.

Data lifecycle protection.

B.

Embedded into design.

C.

Respect for user privacy.

D.

Proactive not reactive.

Full Access
Question # 8

SCENARIO

Please use the following to answer next question:

EnsureClaim is developing a mobile app platform for managing data used for assessing car accident insurance claims. Individuals use the app to take pictures at the crash site, eliminating the need for a built-in vehicle camera. EnsureClaim uses a third-party hosting provider to store data collected by the app. EnsureClaim customer service employees also receive and review app data before sharing with insurance claim adjusters.

The app collects the following information:

First and last name

Date of birth (DOB)

Mailing address

Email address

Car VIN number

Car model

License plate

Insurance card number

Photo

Vehicle diagnostics

Geolocation

What would be the best way to supervise the third-party systems the EnsureClaim App will share data with?

A.

Review the privacy notices for each third-party that the app will share personal data with to determine adequate privacy and data protection controls are in place.

B.

Conduct a security and privacy review before onboarding new vendors that collect personal data from the app.

C.

Anonymize all personal data collected by the app before sharing any data with third-parties.

D.

Develop policies and procedures that outline how data is shared with third-party apps.

Full Access
Question # 9

Properly configured databases and well-written website codes are the best protection against what online threat?

A.

Pharming.

B.

SQL injection.

C.

Malware execution.

D.

System modification.

Full Access
Question # 10

An organization is launching a new online subscription-based publication. As the service is not aimed at children, users are asked for their date of birth as part of the of the sign-up process. The privacy technologist suggests it may be more appropriate ask if an individual is over 18 rather than requiring they provide a date of birth. What kind of threat is the privacy technologist concerned about?

A.

Identification.

B.

Insecurity.

C.

Interference.

D.

Minimization.

Full Access
Question # 11

Which of the following is NOT a factor to consider in FAIR analysis?

A.

The severity of the harm that might be caused by the privacy risk.

B.

The capability of a threat actor to exploit the analyzed privacy risk.

C.

The stage of the data life cycle in which the analyzed privacy risk occurs.

D.

The probability that a threat actor's attempts to exploit a privacy risk might succeed.

Full Access
Question # 12

Not updating software for a system that processes human resources data with the latest security patches may create what?

A.

Authentication issues.

B.

Privacy vulnerabilities.

C.

Privacy threat vectors.

D.

Reportable privacy violations.

Full Access
Question # 13

Which of the following statements describes an acceptable disclosure practice?

A.

An organization’s privacy policy discloses how data will be used among groups within the organization itself.

B.

With regard to limitation of use, internal disclosure policies override contractual agreements with third parties.

C.

Intermediaries processing sensitive data on behalf of an organization require stricter disclosure oversight than vendors.

D.

When an organization discloses data to a vendor, the terms of the vendor’ privacy notice prevail over the organization’ privacy notice.

Full Access
Question # 14

An organization is deciding between building a solution in-house versus purchasing a solution for a new customer facing application. When security threat are taken into consideration, a key advantage of purchasing a solution would be the availability of?

A.

Outsourcing.

B.

Persistent VPN.

C.

Patching and updates.

D.

Digital Rights Management.

Full Access
Question # 15

Which of the following is the least effective privacy preserving practice in the Systems Development Life Cycle (SDLC)?

A.

Conducting privacy threat modeling for the use-case.

B.

Following secure and privacy coding standards in the development.

C.

Developing data flow modeling to identify sources and destinations of sensitive data.

D.

Reviewing the code against Open Web Application Security Project (OWASP) Top 10 Security Risks.

Full Access
Question # 16

An organization is launching a smart watch which, in addition to alerts, will notify the the wearer of incoming calls allowing them to answer on the device. This convenience also comes with privacy concerns and is an example of?

A.

Value-Sensitive Design.

B.

Ubiquitous computing.

C.

Anthropomorphism.

D.

Coupling

Full Access
Question # 17

All of the following can be indications of a ransomware attack EXCEPT?

A.

The inability to access certain files.

B.

An increased amount of spam email in an individual's inbox.

C.

An increase in activity of the CPU of a computer for no apparent reason.

D.

The detection of suspicious network communications between the ransomware and the attacker's command and control servers.

Full Access
Question # 18

An organization is evaluating a number of Machine Learning (ML) solutions to help automate a customer-facing part of its business From a privacy perspective, the organization should first?

A.

Define their goals for fairness

B.

Document the distribution of bias scores

C.

Document the False Positive Rates (FPR).

D.

Define how data subjects may object to the processing

Full Access
Question # 19

SCENARIO

Carol was a U.S.-based glassmaker who sold her work at art festivals. She kept things simple by only accepting cash and personal checks.

As business grew, Carol couldn't keep up with demand, and traveling to festivals became burdensome. Carol opened a small boutique and hired Sam to run it while she worked in the studio. Sam was a natural salesperson, and business doubled. Carol told Sam, “I don't know what you are doing, but keep doing it!"

But months later, the gift shop was in chaos. Carol realized that Sam needed help so she hired Jane, who had business expertise and could handle the back-office tasks. Sam would continue to focus on sales. Carol gave Jane a few weeks to get acquainted with the artisan craft business, and then scheduled a meeting for the three of them to discuss Jane's first impressions.

At the meeting, Carol could not wait to hear Jane's thoughts, but she was unprepared for what Jane had to say. “Carol, I know that he doesn't realize it, but some of Sam’s efforts to increase sales have put you in a vulnerable position. You are not protecting customers’ personal information like you should.”

Sam said, “I am protecting our information. I keep it in the safe with our bank deposit. It's only a list of customers’ names, addresses and phone numbers that I get from their checks before I deposit them. I contact them when you finish a piece that I think they would like. That's the only information I have! The only other thing I do is post photos and information about your work on the photo sharing site that I use with family and friends. I provide my email address and people send me their information if they want to see more of your work. Posting online really helps sales, Carol. In fact, the only complaint I hear is about having to come into the shop to make a purchase.”

Carol replied, “Jane, that doesn’t sound so bad. Could you just fix things and help us to post even more online?"

‘I can," said Jane. “But it's not quite that simple. I need to set up a new program to make sure that we follow the best practices in data management. And I am concerned for our customers. They should be able to manage how we use their personal information. We also should develop a social media strategy.”

Sam and Jane worked hard during the following year. One of the decisions they made was to contract with an outside vendor to manage online sales. At the end of the year, Carol shared some exciting news. “Sam and Jane, you have done such a great job that one of the biggest names in the glass business wants to buy us out! And Jane, they want to talk to you about merging all of our customer and vendor information with theirs beforehand."

Which regulator has jurisdiction over the shop's data management practices?

A.

The Federal Trade Commission.

B.

The Department of Commerce.

C.

The Data Protection Authority.

D.

The Federal Communications Commission.

Full Access
Question # 20

SCENARIO

Please use the following to answer the next question:

Light Blue Health (LBH) is a healthcare technology company developing a new web and mobile application that collects personal health information from electronic patient health records. The application will use machine learning to recommend potential medical treatments and medications based on information collected from anonymized electronic health records. Patient users may also share health data collected from other mobile apps with the LBH app.

The application requires consent from the patient before importing electronic health records into the application and sharing it with their authorized physicians or healthcare provider. The patient can then review and share the recommended treatments with their physicians securely through the app. The patient user may also share location data and upload photos in the app. The patient user may also share location data and upload photos in the app for a healthcare provider to review along with the health record. The patient may also delegate access to the app.

LBH’s privacy team meets with the Application development and Security teams, as well as key business stakeholders on a periodic basis. LBH also implements Privacy by Design (PbD) into the application development process.

The Privacy Team is conducting a Privacy Impact Assessment (PIA) to evaluate privacy risks during development of the application. The team must assess whether the application is collecting descriptive, demographic or any other user related data from the electronic health records that are not needed for the purposes of the application. The team is also reviewing whether the application may collect additional personal data for purposes for which the user did not provide consent.

What is the best way to ensure that the application only collects personal data that is needed to fulfill its primary purpose of providing potential medical and healthcare recommendations?

A.

Obtain consent before using personal health information for data analytics purposes.

B.

Provide the user with an option to select which personal data the application may collect.

C.

Disclose what personal data the application the collecting in the company Privacy Policy posted online.

D.

Document each personal category collected by the app and ensure it maps to an app function or feature.

Full Access
Question # 21

An organization is launching a new smart speaker to the market. The device will have the capability to play music and provide news and weather updates. Which of the following would be a concern from a privacy perspective?

A.

Appropriation.

B.

Browser Fingerprinting.

C.

Context of authority.

D.

Context aware computing.

Full Access
Question # 22

What Privacy by Design (PbD) element should include a de-identification or deletion plan?

A.

Categorization.

B.

Remediation.

C.

Retention.

D.

Security

Full Access
Question # 23

SCENARIO

Wesley Energy has finally made its move, acquiring the venerable oil and gas exploration firm Lancelot from its long-time owner David Wilson. As a member of the transition team, you have come to realize that Wilson's quirky nature affected even Lancelot's data practices, which are maddeningly inconsistent. “The old man hired and fired IT people like he was changing his necktie,” one of Wilson’s seasoned lieutenants tells you, as you identify the traces of initiatives left half complete.

For instance, while some proprietary data and personal information on clients and employees is encrypted, other sensitive information, including health information from surveillance testing of employees for toxic exposures, remains unencrypted, particularly when included within longer records with less-sensitive data. You also find that data is scattered across applications, servers and facilities in a manner that at first glance seems almost random.

Among your preliminary findings of the condition of data at Lancelot are the following:

    Cloud technology is supplied by vendors around the world, including firms that you have not heard of. You are told by a former Lancelot employee that these vendors operate with divergent security requirements and protocols.

    The company’s proprietary recovery process for shale oil is stored on servers among a variety of less-sensitive information that can be accessed not only by scientists, but by personnel of all types at most company locations.

    DES is the strongest encryption algorithm currently used for any file.

    Several company facilities lack physical security controls, beyond visitor check-in, which familiar vendors often bypass.

    Fixing all of this will take work, but first you need to grasp the scope of the mess and formulate a plan of action to address it.

Which is true regarding the type of encryption Lancelot uses?

A.

It employs the data scrambling technique known as obfuscation.

B.

Its decryption key is derived from its encryption key.

C.

It uses a single key for encryption and decryption.

D.

It is a data masking methodology.

Full Access
Question # 24

SCENARIO

Looking back at your first two years as the Director of Personal Information Protection and Compliance for the Berry Country Regional Medical Center in Thorn Bay, Ontario, Canada, you see a parade of accomplishments, from developing state-of-the-art simulation based training for employees on privacy protection to establishing an interactive medical records system that is accessible by patients as well as by the medical personnel. Now, however, a question you have put off looms large: how do we manage all the data-not only records produced recently, but those still on hand from years ago? A data flow diagram generated last year shows multiple servers, databases, and work stations, many of which hold files that have not yet been incorporated into the new records system. While most of this data is encrypted, its persistence may pose security and compliance concerns. The situation is further complicated by several long-term studies being conducted by the medical staff using patient information. Having recently reviewed the major Canadian privacy regulations, you want to make certain that the medical center is observing them.

You also recall a recent visit to the Records Storage Section, often termed “The Dungeon” in the basement of the old hospital next to the modern facility, where you noticed a multitude of paper records. Some of these were in crates marked by years, medical condition or alphabetically by patient name, while others were in undifferentiated bundles on shelves and on the floor. The back shelves of the section housed data tapes and old hard drives that were often unlabeled but appeared to be years old. On your way out of the dungeon, you noticed just ahead of you a small man in a lab coat who you did not recognize. He carried a batch of folders under his arm, apparently records he had removed from storage.

Which regulation most likely applies to the data stored by Berry Country Regional Medical Center?

A.

Personal Information Protection and Electronic Documents Act

B.

Health Insurance Portability and Accountability Act

C.

The Health Records Act 2001

D.

The European Union Directive 95/46/EC

Full Access
Question # 25

Which of the following is the best method to minimize tracking through the use of cookies?

A.

Use ‘private browsing’ mode and delete checked files, clear cookies and cache once a day.

B.

Install a commercially available third-party application on top of the browser that is already installed.

C.

Install and use a web browser that is advertised as ‘built specifically to safeguard user privacy’.

D.

Manage settings in the browser to limit the use of cookies and remove them once the session completes.

Full Access
Question # 26

What is the best way to protect privacy on a geographic information system (GIS)?

A.

Limiting the data provided to the system.

B.

Using a wireless encryption protocol.

C.

Scrambling location information.

D.

Using a firewall.

Full Access
Question # 27

Which of the following does NOT illustrate the ‘respect to user privacy’ principle?

A.

Implementing privacy elements within the user interface that facilitate the use of technology by any visually-challenged users.

B.

Enabling Data Subject Access Request (DSARs) that provide rights for correction, deletion, amendment and rectification of personal information.

C.

Developing a consent management self-service portal that enables the data subjects to review the details of consent provided to an organization.

D.

Filing breach notification paperwork with data protection authorities which detail the impact to data subjects.

Full Access
Question # 28

In the realm of artificial intelligence, how has deep learning enabled greater implementation of machine learning?

A.

By using hand-coded classifiers like edge detection filters so that a program can identify where an object starts and stops.

B.

By increasing the size of neural networks and running massive amounts of data through the network to train it.

C.

By using algorithmic approaches such as decision tree learning and inductive logic programming.

D.

By hand coding software routines with a specific set of instructions to accomplish a task.

Full Access
Question # 29

What privacy risk is NOT mitigated by the use of encrypted computation to target and serve online ads?

A.

The ad being served to the user may not be relevant.

B.

The user’s sensitive personal information is used to display targeted ads.

C.

The personal information used to target ads can be discerned by the server.

D.

The user’s information can be leaked to an advertiser through weak de-identification techniques.

Full Access
Question # 30

A BaaS provider backs up the corporate data and stores it in an outsider provider under contract with the organization. A researcher notifies the organization that he found unsecured data in the cloud. The organization looked into the issue and realized $ne of its backups was misconfigured on the outside provider's cloud and the data fully exposed to the open internet. They quickly secured the backup. Which is the best next step the organization should take?

A.

Review the content of the data exposed.

B.

Review its contract with the outside provider.

C.

Investigate how the researcher discovered the unsecured data.

D.

Investigate using alternate BaaS providers or on-premise backup systems.

Full Access
Question # 31

SCENARIO

Please use the following to answer the next question:

Chuck, a compliance auditor for a consulting firm focusing on healthcare clients, was required to travel to the client’s office to perform an onsite review of the client’s operations. He rented a car from Finley Motors upon arrival at the airport as so he could commute to and from the client’s office. The car rental agreement was electronically signed by Chuck and included his name, address, driver’s license, make/model of the car, billing rate, and additional details describing the rental transaction. On the second night, Chuck was caught by a red light camera not stopping at an intersection on his way to dinner. Chuck returned the car back to the car rental agency at the end week without mentioning the infraction and Finley Motors emailed a copy of the final receipt to the address on file.

Local law enforcement later reviewed the red light camera footage. As Finley Motors is the registered owner of the car, a notice was sent to them indicating the infraction and fine incurred. This notice included the license plate number, occurrence date and time, a photograph of the driver, and a web portal link to a video clip of the violation for further review. Finley Motors, however, was not responsible for the violation as they were not driving the car at the time and transferred the incident to AMP Payment Resources for further review. AMP Payment Resources identified Chuck as the driver based on the rental agreement he signed when picking up the car and then contacted Chuck directly through a written letter regarding the infraction to collect the fine.

After reviewing the incident through the AMP Payment Resources’ web portal, Chuck paid the fine using his personal credit card. Two weeks later, Finley Motors sent Chuck an email promotion offering 10% off a future rental.

How can Finley Motors reduce the risk associated with transferring Chuck’s personal information to AMP Payment Resources?

A.

By providing only the minimum necessary data to process the violation notice and masking all other information prior to transfer.

B.

By requesting AMP Payment Resources delete unnecessary datasets and only utilize what is necessary to process the violation notice.

C.

By obfuscating the minimum necessary data to process the violation notice and require AMP Payment Resources to secure store the personal information.

D.

By transferring all information to separate datafiles and requiring AMP Payment Resources to combine the datasets during processing of the violation notice.

Full Access
Question # 32

SCENARIO

Tom looked forward to starting his new position with a U.S —based automobile leasing company (New Company), now operating in 32 states. New Company was recently formed through the merger of two prominent players, one from the eastern region (East Company) and one from the western region (West Company). Tom, a Certified Information Privacy Technologist (CIPT), is New Company's first Information Privacy and Security Officer. He met today with Dick from East Company, and Harry, from West Company. Dick and Harry are veteran senior information privacy and security professionals at their respective companies, and continue to lead the east and west divisions of New Company. The purpose of the meeting was to conduct a SWOT (strengths/weaknesses/opportunities/threats) analysis for New Company. Their SWOT analysis conclusions are summarized below.

Dick was enthusiastic about an opportunity for the New Company to reduce costs and increase computing power and flexibility through cloud services. East Company had been contemplating moving to the cloud, but West Company already had a vendor that was providing it with software-as-a-service (SaaS). Dick was looking forward to extending this service to the eastern region. Harry noted that this was a threat as well, because West Company had to rely on the third party to protect its data.

Tom mentioned that neither of the legacy companies had sufficient data storage space to meet the projected growth of New Company, which he saw as a weakness. Tom stated that one of the team's first projects would be to construct a consolidated New Company data warehouse. Tom would personally lead this project and would be held accountable if information was modified during transmission to or during storage in the new data warehouse.

Tom, Dick and Harry agreed that employee network access could be considered both a strength and a weakness. East Company and West Company had strong performance records in this regard; both had robust network access controls that were working as designed. However, during a projected year-long transition period, New Company employees would need to be able to connect to a New Company network while retaining access to the East Company and West Company networks.

Which statement is correct about addressing New Company stakeholders’ expectations for privacy?

A.

New Company should expect consumers to read the company’s privacy policy.

B.

New Company should manage stakeholder expectations for privacy even when the stakeholders‘ data is not held by New Company.

C.

New Company would best meet consumer expectations for privacy by adhering to legal requirements.

D.

New Company's commitment to stakeholders ends when the stakeholders’ data leaves New Company.

Full Access
Question # 33

What has been found to undermine the public key infrastructure system?

A.

Man-in-the-middle attacks.

B.

Inability to track abandoned keys.

C.

Disreputable certificate authorities.

D.

Browsers missing a copy of the certificate authority's public key.

Full Access
Question # 34

Many modern vehicles incorporate technologies that increase the convenience of drivers, but collect information about driver behavior in order to Implement this. What should vehicle manufacturers prioritize to ensure enhanced privacy protection for drivers?

A.

Share the sensitive data collected about driver behavior with the driver.

B.

Derive implicit consent for the processing of sensitive data by the continued use of the vehicle.

C.

Obtain affirmative consent for processing of sensitive data about the driver.

D.

Provide easy to read, in-vehicle instructions about how to use the technology.

Full Access
Question # 35

Which of the following is a vulnerability of a sensitive biometrics authentication system?

A.

False positives.

B.

False negatives.

C.

Slow recognition speeds.

D.

Theft of finely individualized personal data.

Full Access
Question # 36

What is a main benefit of data aggregation?

A.

It is a good way to perform analysis without needing a statistician.

B.

It applies two or more layers of protection to a single data record.

C.

It allows one to draw valid conclusions from small data samples.

D.

It is a good way to achieve de-identification and unlinkabilty.

Full Access
Question # 37

A credit card with the last few numbers visible is an example of what?

A.

Masking data

B.

Synthetic data

C.

Sighting controls.

D.

Partial encryption

Full Access
Question # 38

Combining multiple pieces of information about an individual to produce a whole that is greater than the sum of its parts is called?

A.

Identification.

B.

Insecurity.

C.

Aggregation.

D.

Exclusion.

Full Access
Question # 39

Machine-learning based solutions present a privacy risk because?

A.

Training data used during the training phase is compromised.

B.

The solution may contain inherent bias from the developers.

C.

The decision-making process used by the solution is not documented.

D.

Machine-learning solutions introduce more vulnerabilities than other software.

Full Access
Question # 40

SCENARIO

Looking back at your first two years as the Director of Personal Information Protection and Compliance for the Berry Country Regional Medical Center in Thorn Bay, Ontario, Canada, you see a parade of accomplishments, from developing state-of-the-art simulation based training for employees on privacy protection to establishing an interactive medical records system that is accessible by patients as well as by the medical personnel. Now, however, a question you have put off looms large: how do we manage all the data-not only records produced recently, but those still on hand from years ago? A data flow diagram generated last year shows multiple servers, databases, and work stations, many of which hold files that have not yet been incorporated into the new records system. While most of this data is encrypted, its persistence may pose security and compliance concerns. The situation is further complicated by several long-term studies being conducted by the medical staff using patient information. Having recently reviewed the major Canadian privacy regulations, you want to make certain that the medical center is observing them.

You also recall a recent visit to the Records Storage Section, often termed “The Dungeon” in the basement of the old hospital next to the modern facility, where you noticed a multitude of paper records. Some of these were in crates marked by years, medical condition or alphabetically by patient name, while others were in undifferentiated bundles on shelves and on the floor. The back shelves of the section housed data tapes and old hard drives that were often unlabeled but appeared to be years old. On your way out of the dungeon, you noticed just ahead of you a small man in a lab coat who you did not recognize. He carried a batch of folders under his arm, apparently records he had removed from storage.

Which cryptographic standard would be most appropriate for protecting patient credit card information in the records system?

A.

Asymmetric Encryption

B.

Symmetric Encryption

C.

Obfuscation

D.

Hashing

Full Access
Question # 41

To comply with the Sarbanes-Oxley Act (SOX), public companies in the United States are required to annually report on the effectiveness of the auditing controls of their financial reporting systems. These controls must be implemented to prevent unauthorized use, disclosure, modification, and damage or loss of financial data.

Why do these controls ensure both the privacy and security of data?

A.

Modification of data is an aspect of privacy; unauthorized use, disclosure, and damage or loss of data are aspects of security.

B.

Unauthorized use of data is an aspect of privacy; disclosure, modification, and damage or loss of data are aspects of security.

C.

Disclosure of data is an aspect of privacy; unauthorized use, modification, and damage or loss of data are aspects of security.

D.

Damage or loss of data are aspects of privacy; disclosure, unauthorized use, and modification of data are aspects of privacy.

Full Access
Question # 42

SCENARIO

WebTracker Limited is a cloud-based online marketing service located in London. Last year, WebTracker migrated its IT infrastructure to the cloud provider AmaZure, which provides SQL Databases and Artificial Intelligence services to WebTracker. The roles and responsibilities between the two companies have been formalized in a standard contract, which includes allocating the role of data controller to WebTracker.

The CEO of WebTracker, Mr. Bond, would like to assess the effectiveness of AmaZure's privacy controls, and he recently decided to hire you as an independent auditor. The scope of the engagement is limited only to the marketing services provided by WebTracker, you will not be evaluating any internal data processing activity, such as HR or Payroll.

This ad-hoc audit was triggered due to a future partnership between WebTracker and SmartHome — a partnership that will not require any data sharing. SmartHome is based in the USA, and most recently has dedicated substantial resources to developing smart refrigerators that can suggest the recommended daily calorie intake based on DNA information. This and other personal data is collected by WebTracker.

To get an idea of the scope of work involved, you have decided to start reviewing the company's documentation and interviewing key staff to understand potential privacy risks.

The results of this initial work include the following notes:

    There are several typos in the current privacy notice of WebTracker, and you were not able to find the privacy notice for SmartHome.

    You were unable to identify all the sub-processors working for SmartHome. No subcontractor is indicated in the cloud agreement with AmaZure, which is responsible for the support and maintenance of the cloud infrastructure.

    There are data flows representing personal data being collected from the internal employees of WebTracker, including an interface from the HR system.

    Part of the DNA data collected by WebTracker was from employees, as this was a prototype approved by the CEO of WebTracker.

    All the WebTracker and SmartHome customers are based in USA and Canada.

Based on the initial assessment and review of the available data flows, which of the following would be the most important privacy risk you should investigate first?

A.

Verify that WebTracker's HR and Payroll systems implement the current privacy notice (after the typos are fixed).

B.

Review the list of subcontractors employed by AmaZure and ensure these are included in the formal agreement with WebTracker.

C.

Evaluate and review the basis for processing employees’ personal data in the context of the prototype created by WebTracker and approved by the CEO.

D.

Confirm whether the data transfer from London to the USA has been fully approved by AmaZure and the appropriate institutions in the USA and the European Union.

Full Access
Question # 43

What risk is mitigated when routing meeting video traffic through a company’s application servers rather than sending the video traffic directly from one user to another?

A.

The user's identity is protected from the other user

B.

The user is protected against cyberstalking attacks

C.

The user's IP address is hidden from the other user

D.

The user is assured that stronger authentication methods have been used

Full Access
Question # 44

How does browser fingerprinting compromise privacy?

A.

By creating a security vulnerability.

B.

By differentiating users based upon parameters.

C.

By persuading users to provide personal information.

D.

By customizing advertising based on the geographic location.

Full Access
Question # 45

What tactic does pharming use to achieve its goal?

A.

It modifies the user's Hosts file.

B.

It encrypts files on a user's computer.

C.

It creates a false display advertisement.

D.

It generates a malicious instant message.

Full Access
Question # 46

SCENARIO

Please use the following to answer the next question:

Light Blue Health (LBH) is a healthcare technology company developing a new web and mobile application that collects personal health information from electronic patient health records. The application will use machine learning to recommend potential medical treatments and medications based on information collected from anonymized electronic health records. Patient users may also share health data collected from other mobile apps with the LBH app.

The application requires consent from the patient before importing electronic health records into the application and sharing it with their authorized physicians or healthcare provider. The patient can then review and share the recommended treatments with their physicians securely through the app. The patient user may also share location data and upload photos in the app. The patient user may also share location data and upload photos in the app for a healthcare provider to review along with the health record. The patient may also delegate access to the app.

LBH’s privacy team meets with the Application development and Security teams, as well as key business stakeholders on a periodic basis. LBH also implements Privacy by Design (PbD) into the application development process.

The Privacy Team is conducting a Privacy Impact Assessment (PIA) to evaluate privacy risks during development of the application. The team must assess whether the application is collecting descriptive, demographic or any other user related data from the electronic health records that are not needed for the purposes of the application. The team is also reviewing whether the application may collect additional personal data for purposes for which the user did not provide consent.

The Privacy Team is conducting a Privacy Impact Assessment (PIA) for the new Light Blue Health application currently in development. Which of the following best describes a risk that is likely to result in a privacy breach?

A.

Limiting access to the app to authorized personnel.

B.

Including non-transparent policies, terms and conditions in the app.

C.

Insufficiently deleting personal data after an account reaches its retention period.

D.

Not encrypting the health record when it is transferred to the Light Blue Health servers.

Full Access
Question # 47

A key principle of an effective privacy policy is that it should be?

A.

Written in enough detail to cover the majority of likely scenarios.

B.

Made general enough to maximize flexibility in its application.

C.

Presented with external parties as the intended audience.

D.

Designed primarily by the organization's lawyers.

Full Access
Question # 48

Which technique is most likely to facilitate the deletion of every instance of data associated with a deleted user account from every data store held by an organization?

A.

Auditing the code which deletes user accounts.

B.

Building a standardized and documented retention program for user data deletion.

C.

Monitoring each data store for presence of data associated with the deleted user account.

D.

Training engineering teams on the importance of deleting user accounts their associated data from all data stores when requested.

Full Access
Question # 49

A privacy engineer reviews a newly developed on-line registration page on a company’s website. The purpose of the page is to enable corporate customers to submit a returns / refund request for physical goods. The page displays the following data capture fields: company name, account reference, company address, contact name, email address, contact phone number, product name, quantity, issue description and company bank account details.

After her review, the privacy engineer recommends setting certain capture fields as “non-mandatory”. Setting which of the following fields as “non-mandatory” would be the best example of the principle of data minimization?

A.

The contact phone number field.

B.

The company address and name.

C.

The contact name and email address.

D.

The company bank account detail field.

Full Access
Question # 50

SCENARIO

Please use the following to answer the next question:

Jordan just joined a fitness-tracker start-up based in California, USA, as its first Information Privacy and Security Officer. The company is quickly growing its business but does not sell any of the fitness trackers itself. Instead, it relies on a distribution network of third-party retailers in all major countries. Despite not having any stores, the company has a 78% market share in the EU. It has a website presenting the company and products, and a member section where customers can access their information. Only the email address and physical address need to be provided as part of the registration process in order to customize the site to the user’s region and country. There is also a newsletter sent every month to all members featuring fitness tips, nutrition advice, product spotlights from partner companies based on user behavior and preferences.

Jordan says the General Data Protection Regulation (GDPR) does not apply to the company. He says the company is not established in the EU, nor does it have a processor in the region. Furthermore, it does not do any “offering goods or services” in the EU since it does not do any marketing there, nor sell to consumers directly. Jordan argues that it is the customers who chose to buy the products on their own initiative and there is no “offering” from the company.

The fitness trackers incorporate advanced features such as sleep tracking, GPS tracking, heart rate monitoring. wireless syncing, calorie-counting and step-tracking. The watch must be paired with either a smartphone or a computer in order to collect data on sleep levels, heart rates, etc. All information from the device must be sent to the company’s servers in order to be processed, and then the results are sent to the smartphone or computer. Jordan argues that there is no personal information involved since the company does not collect banking or social security information.

Why is Jordan’s claim that the company does not collect personal information as identified by the GDPR inaccurate?

A.

The potential customers must browse for products online.

B.

The fitness trackers capture sleep and heart rate data to monitor an individual’s behavior.

C.

The website collects the customers’ and users’ region and country information.

D.

The customers must pair their fitness trackers to either smartphones or computers.

Full Access
Question # 51

An organization based in California, USA is implementing a new online helpdesk solution for recording customer call information. The organization considers the capture of personal data on the online helpdesk solution to be in the interest of the company in best servicing customer calls.

Before implementation, a privacy technologist should conduct which of the following?

A.

A Data Protection Impact Assessment (DPIA) and consultation with the appropriate regulator to ensure legal compliance.

B.

A privacy risk and impact assessment to evaluate potential risks from the proposed processing operations.

C.

A Legitimate Interest Assessment (LIA) to ensure that the processing is proportionate and does not override the privacy, rights and freedoms of the customers.

D.

A security assessment of the help desk solution and provider to assess if the technology was developed with a security by design approach.

Full Access
Question # 52

Between November 30th and December 2nd, 2013, cybercriminals successfully infected the credit card payment systems and bypassed security controls of a United States-based retailer with malware that exfiltrated 40 million credit card numbers. Six months prior, the retailer had malware detection software installed to prevent against such an attack.

Which of the following would best explain why the retailer’s consumer data was still exfiltrated?

A.

The detection software alerted the retailer’s security operations center per protocol, but the information security personnel failed to act upon the alerts.

B.

The U.S Department of Justice informed the retailer of the security breach on Dec. 12th, but the retailer took three days to confirm the breach and eradicate the malware.

C.

The IT systems and security measures utilized by the retailer’s third-party vendors were in compliance with industry standards, but their credentials were stolen by black hat hackers who then entered the retailer’s system.

D.

The retailer’s network that transferred personal data and customer payments was separate from the rest of the corporate network, but the malware code was disguised with the name of software that is supposed to protect this information.

Full Access
Question # 53

How can a hacker gain control of a smartphone to perform remote audio and video surveillance?

A.

By performing cross-site scripting.

B.

By installing a roving bug on the phone.

C.

By manipulating geographic information systems.

D.

By accessing a phone's global positioning system satellite signal.

Full Access
Question # 54

Information classification helps an organization protect confidential and nonpublic information primarily because?

A.

It helps identify sensitive and critical information that require very strict safeguards.

B.

It falls under the security principles of confidentiality, integrity, and availability.

C.

It promotes employee accountability for safeguarding confidential information.

D.

It is legally required under most regulations.

Full Access
Question # 55

Which is NOT a way to validate a person's identity?

A.

Swiping a smartcard into an electronic reader.

B.

Using a program that creates random passwords.

C.

Answering a question about "something you know”.

D.

Selecting a picture and tracing a unique pattern on it

Full Access
Question # 56

A jurisdiction requiring an organization to place a link on the website that allows a consumer to opt-out of sharing is an example of what type of requirement?

A.

Functional

B.

Operational

C.

Technical

D.

Use case

Full Access
Question # 57

of the following best describes a network threat model and Its uses?

A.

It Is used in software development to detect programming errors. .

B.

It is a risk-based model used to calculate the probabilities of risks identified during vulnerability tests.

C.

It helps assess the probability, the potential harm, and the priority of attacks to help minimize or eradicate the threats.

D.

It combines the results of vulnerability and penetration tests to provide useful insights into the network's overall threat and security posture.

Full Access
Question # 58

SCENARIO

Please use the following to answer the next question:

Light Blue Health (LBH) is a healthcare technology company developing a new web and mobile application that collects personal health information from electronic patient health records. The application will use machine learning to recommend potential medical treatments and medications based on information collected from anonymized electronic health records. Patient users may also share health data collected from other mobile apps with the LBH app.

The application requires consent from the patient before importing electronic health records into the application and sharing it with their authorized physicians or healthcare provider. The patient can then review and share the recommended treatments with their physicians securely through the app. The patient user may also share location data and upload photos in the app. The patient user may also share location data and upload photos in the app for a healthcare provider to review along with the health record. The patient may also delegate access to the app.

LBH’s privacy team meets with the Application development and Security teams, as well as key business stakeholders on a periodic basis. LBH also implements Privacy by Design (PbD) into the application development process.

The Privacy Team is conducting a Privacy Impact Assessment (PIA) to evaluate privacy risks during development of the application. The team must assess whether the application is collecting descriptive, demographic or any other user related data from the electronic health records that are not needed for the purposes of the application. The team is also reviewing whether the application may collect additional personal data for purposes for which the user did not provide consent.

Regarding the app, which action is an example of a decisional interference violation?

A.

The app asks income level to determine the treatment of care.

B.

The app sells aggregated data to an advertising company without prior consent.

C.

The app has a pop-up ad requesting sign-up for a pharmaceutical company newsletter.

D.

The app asks questions during account set-up to disclose family medical history that is not necessary for the treatment of the individual’s symptoms.

Full Access
Question # 59

What was the first privacy framework to be developed?

A.

OECD Privacy Principles.

B.

Generally Accepted Privacy Principles.

C.

Code of Fair Information Practice Principles (FIPPs).

D.

The Asia-Pacific Economic Cooperation (APEC) Privacy Framework.

Full Access
Question # 60

What element is most conducive to fostering a sound privacy by design culture in an organization?

A.

Ensuring all employees acknowledge and understood the privacy policy.

B.

Frequent privacy and security awareness training for employees.

C.

Monthly reviews of organizational privacy principles.

D.

Gaining advocacy from senior management.

Full Access
Question # 61

Which of the following is an example of drone “swarming”?

A.

A drone filming a cyclist from above as he rides.

B.

A drone flying over a building site to gather data.

C.

Drones delivering retailers’ packages to private homes.

D.

Drones communicating with each other to perform a search and rescue.

Full Access
Question # 62

SCENARIO

Please use the following to answer the next question:

Chuck, a compliance auditor for a consulting firm focusing on healthcare clients, was required to travel to the client’s office to perform an onsite review of the client’s operations. He rented a car from Finley Motors upon arrival at the airport as so he could commute to and from the client’s office. The car rental agreement was electronically signed by Chuck and included his name, address, driver’s license, make/model of the car, billing rate, and additional details describing the rental transaction. On the second night, Chuck was caught by a red light camera not stopping at an intersection on his way to dinner. Chuck returned the car back to the car rental agency at the end week without mentioning the infraction and Finley Motors emailed a copy of the final receipt to the address on file.

Local law enforcement later reviewed the red light camera footage. As Finley Motors is the registered owner of the car, a notice was sent to them indicating the infraction and fine incurred. This notice included the license plate number, occurrence date and time, a photograph of the driver, and a web portal link to a video clip of the violation for further review. Finley Motors, however, was not responsible for the violation as they were not driving the car at the time and transferred the incident to AMP Payment Resources for further review. AMP Payment Resources identified Chuck as the driver based on the rental agreement he signed when picking up the car and then contacted Chuck directly through a written letter regarding the infraction to collect the fine.

After reviewing the incident through the AMP Payment Resources’ web portal, Chuck paid the fine using his personal credit card. Two weeks later, Finley Motors sent Chuck an email promotion offering 10% off a future rental.

What is the strongest method for authenticating Chuck’s identity prior to allowing access to his violation information through the AMP Payment Resources web portal?

A.

By requiring Chuck use the last 4 digits of his driver’s license number in combination with a unique PIN provided within the violation notice.

B.

By requiring Chuck use his credit card number in combination with the last 4 digits of his driver’s license.

C.

By requiring Chuck use the rental agreement number in combination with his email address.

D.

By requiring Chuck to call AMP Payment Resources directly and provide his date of birth and home address.

Full Access
Question # 63

What is the main issue pertaining to data protection with the use of 'deep fakes'?

A.

Misinformation.

B.

Non-conformity with the accuracy principle.

C.

Issues with establishing non-repudiation.

D.

Issues with confidentiality of the information.

Full Access
Question # 64

When releasing aggregates, what must be performed to magnitude data to ensure privacy?

A.

Value swapping.

B.

Noise addition.

C.

Basic rounding.

D.

Top coding.

Full Access
Question # 65

Data oriented strategies Include which of the following?

A.

Minimize. Separate, Abstract, Hide.

B.

Inform, Control, Enforce, Demonstrate.

C.

Encryption, Hashing, Obfuscation, Randomization.

D.

Consent. Contract, Legal Obligation, Legitimate interests.

Full Access
Question # 66

SCENARIO

WebTracker Limited is a cloud-based online marketing service located in London. Last year, WebTracker migrated its IT infrastructure to the cloud provider AmaZure, which provides SQL Databases and Artificial Intelligence services to WebTracker. The roles and responsibilities between the two companies have been formalized in a standard contract, which includes allocating the role of data controller to WebTracker.

The CEO of WebTracker, Mr. Bond, would like to assess the effectiveness of AmaZure's privacy controls, and he recently decided to hire you as an independent auditor. The scope of the engagement is limited only to the marketing services provided by WebTracker, you will not be evaluating any internal data processing activity, such as HR or Payroll.

This ad-hoc audit was triggered due to a future partnership between WebTracker and SmartHome — a partnership that will not require any data sharing. SmartHome is based in the USA, and most recently has dedicated substantial resources to developing smart refrigerators that can suggest the recommended daily calorie intake based on DNA information. This and other personal data is collected by WebTracker.

To get an idea of the scope of work involved, you have decided to start reviewing the company's documentation and interviewing key staff to understand potential privacy risks.

The results of this initial work include the following notes:

    There are several typos in the current privacy notice of WebTracker, and you were not able to find the privacy notice for SmartHome.

    You were unable to identify all the sub-processors working for SmartHome. No subcontractor is indicated in the cloud agreement with AmaZure, which is responsible for the support and maintenance of the cloud infrastructure.

    There are data flows representing personal data being collected from the internal employees of WebTracker, including an interface from the HR system.

    Part of the DNA data collected by WebTracker was from employees, as this was a prototype approved by the CEO of WebTracker.

    All the WebTracker and SmartHome customers are based in USA and Canada.

Which of the following issues is most likely to require an investigation by the Chief Privacy Officer (CPO) of WebTracker?

A.

Data flows use encryption for data at rest, as defined by the IT manager.

B.

AmaZure sends newsletter to WebTracker customers, as approved by the Marketing Manager.

C.

Employees’ personal data are being stored in a cloud HR system, as approved by the HR Manager.

D.

File Integrity Monitoring is being deployed in SQL servers, as indicated by the IT Architect Manager.

Full Access