CDPSE: Certified Data Privacy Solutions Engineer Part 3
Question #: 81
Topic #: 1
When using pseudonymization to prevent unauthorized access to personal data, which of the following is the MOST important consideration to ensure the data is adequately protected?
A. The data must be protected by multi-factor authentication.
B. The identifier must be kept separate and distinct from the data it protects.
C. The key must be a combination of alpha and numeric characters.
D. The data must be stored in locations protected by data loss prevention (DLP) technology.
Selected Answer: B
———————————————————————-
Question #: 82
Topic #: 1
Which of the following is a PRIMARY consideration to protect against privacy violations when utilizing artificial intelligence (AI) driven business decisions?
A. De-identifying the data to be analyzed
B. Verifying the data subjects have consented to the processing
C. Defining the intended objectives
D. Ensuring proper data sets are used to train the models
Selected Answer: B
———————————————————————-
Question #: 83
Topic #: 1
Which of the following is the BEST way to limit the organization’s potential exposure in the event of consumer data loss while maintaining the traceability of the data?
A. Encrypt the data at rest.
B. De-identify the data.
C. Use a unique hashing algorithm.
D. Require a digital signature.
Selected Answer: B
———————————————————————-
Question #: 84
Topic #: 1
To ensure effective management of an organization’s data privacy policy, senior leadership MUST define:
A. training and testing requirements for employees handling personal data.
B. roles and responsibilities of the person with oversight.
C. metrics and outcomes recommended by external agencies.
D. the scope and responsibilities of the data owner.
Selected Answer: B
———————————————————————-
Question #: 85
Topic #: 1
Which authentication practice is being used when an organization requires a photo on a government-issued identification card to validate an in-person credit card purchase?
A. Possession factor authentication
B. Knowledge-based credential authentication
C. Multi-factor authentication
D. Biometric authentication
Selected Answer: D
———————————————————————-
Question #: 86
Topic #: 1
Which of the following BEST ensures data confidentiality across databases?
A. Logical data model
B. Data normalization
C. Data catalog vocabulary
D. Data anonymization
Selected Answer: D
———————————————————————-
Question #: 87
Topic #: 1
Which of the following BEST ensures a mobile application implementation will meet an organization’s data security standards?
A. User acceptance testing (UAT)
B. Data classification
C. Privacy impact assessment (PIA)
D. Automatic dynamic code scan
Selected Answer: C
———————————————————————-
Question #: 88
Topic #: 1
Which of the following vulnerabilities would have the GREATEST impact on the privacy of information?
A. Private key exposure
B. Poor patch management
C. Lack of password complexity
D. Out-of-date antivirus signatures
Selected Answer: A
———————————————————————-
Question #: 89
Topic #: 1
Which of the following is the PRIMARY benefit of implementing policies and procedures for system hardening?
A. It increases system resiliency.
B. It reduces external threats to data.
C. It reduces exposure of data.
D. It eliminates attack motivation for data.
Selected Answer: C
———————————————————————-
Question #: 90
Topic #: 1
Which of the following is MOST important to consider when managing changes to the provision of services by a third party that processes personal data?
A. Changes to current information architecture
B. Updates to data life cycle policy
C. Business impact due to the changes
D. Modifications to data quality standards
Selected Answer: C
———————————————————————-
Question #: 91
Topic #: 1
Which of the following is the MOST important consideration when using advanced data sanitization methods to ensure privacy data will be unrecoverable?
A. Subject matter expertise
B. Type of media
C. Regulatory compliance requirements
D. Location of data
Selected Answer: B
———————————————————————-
Question #: 92
Topic #: 1
Which of the following techniques mitigates design flaws in the application development process that may contribute to potential leakage of personal data?
A. User acceptance testing (UAT)
B. Patch management
C. Software hardening
D. Web application firewall (WAF)
Selected Answer: C
———————————————————————-
Question #: 93
Topic #: 1
An email opt-in form on a website applies to which privacy principle?
A. Accuracy
B. Consent
C. Transparency
D. Integrity
Selected Answer: B
———————————————————————-
Question #: 94
Topic #: 1
Which of the following is the PRIMARY reason that a single cryptographic key should be used for only one purpose, such as encryption or authentication?
A. It eliminates cryptographic key collision.
B. It minimizes the risk if the cryptographic key is compromised.
C. It is more practical and efficient to use a single cryptographic key.
D. Each process can only be supported by its own unique key management process.
Selected Answer: B
———————————————————————-
Question #: 95
Topic #: 1
Which of the following is MOST likely to present a valid use case for keeping a customer’s personal data after contract termination?
A. For the purpose of medical research
B. A forthcoming campaign to win back customers
C. A required retention period due to regulations
D. Ease of onboarding when the customer returns
Selected Answer: C
———————————————————————-
Question #: 96
Topic #: 1
During which of the following system lifecycle stages is it BEST to conduct a privacy impact assessment (PIA) on a system that holds personal data?
A. Functional testing
B. Development
C. Production
D. User acceptance testing (UAT)
Selected Answer: B
———————————————————————-
Question #: 97
Topic #: 1
Which of the following is the BEST approach for a local office of a global organization faced with multiple privacy-related compliance requirements?
A. Focus on developing a risk action plan based on audit reports.
B. Focus on requirements with the highest organizational impact.
C. Focus on global compliance before meeting local requirements.
D. Focus on local standards before meeting global compliance.
Selected Answer: B
———————————————————————-
Question #: 98
Topic #: 1
Which of the following is the PRIMARY reason that organizations need to map the data flows of personal data?
A. To assess privacy risks
B. To evaluate effectiveness of data controls
C. To determine data integration gaps
D. To comply with regulations
Selected Answer: A
———————————————————————-
Question #: 99
Topic #: 1
Which of the following is the MOST important consideration when writing an organization’s privacy policy?
A. Using a standardized business taxonomy
B. Aligning statements to organizational practices
C. Ensuring acknowledgment by the organization’s employees
D. Including a development plan for personal data handling
Selected Answer: B
———————————————————————-
Question #: 100
Topic #: 1
Which of the following is the BEST method to ensure the security of encryption keys when transferring data containing personal information between cloud applications?
A. Whole disk encryption
B. Asymmetric encryption
C. Digital signature
D. Symmetric encryption
Selected Answer: B
———————————————————————-
Question #: 101
Topic #: 1
Which of the following BEST supports an organization’s efforts to create and maintain desired privacy protection practices among employees?
A. Skills training programs
B. Awareness campaigns
C. Performance evaluations
D. Code of conduct principles
Selected Answer: B
———————————————————————-
Question #: 102
Topic #: 1
When using pseudonymization to prevent unauthorized access to personal data, which of the following is the MOST important consideration to ensure the data is adequately protected?
A. The data must be protected by multi-factor authentication.
B. The identifier must be kept separate and distinct from the data it protects.
C. The key must be a combination of alpha and numeric characters.
D. The data must be stored in locations protected by data loss prevention (DLP) technology.
Selected Answer: B
———————————————————————-
Question #: 103
Topic #: 1
Which of the following hard drive sanitization methods provides an organization with the GREATEST level of assurance that data has been permanently erased?
A. Degaussing the drive
B. Factory resetting the drive
C. Crypto-shredding the drive
D. Reformatting the drive
Selected Answer: A
———————————————————————-
Question #: 104
Topic #: 1
Which of the following is the BEST way to limit the organization’s potential exposure in the event of consumer data loss while maintaining the traceability of the data?
A. Encrypt the data at rest.
B. De-identify the data.
C. Use a unique hashing algorithm.
D. Require a digital signature.
Selected Answer: B
———————————————————————-
Question #: 105
Topic #: 1
Which of the following describes a user’s “right to be forgotten”?
A. The data is being used to comply with legal obligations or the public interest.
B. The data is no longer required for the purpose originally collected.
C. The individual objects despite legitimate grounds for processing.
D. The individual’s legal residence status has recently changed.
Selected Answer: B
———————————————————————-
Question #: 106
Topic #: 1
Which authentication practice is being used when an organization requires a photo on a government-issued identification card to validate an in-person credit card purchase?
A. Possession factor authentication
B. Knowledge-based credential authentication
C. Multi-factor authentication
D. Biometric authentication
Selected Answer: D
———————————————————————-
Question #: 107
Topic #: 1
When choosing data sources to be used within a big data architecture, which of the following data attributes MUST be considered to ensure data is not aggregated?
A. Accuracy
B. Granularity
C. Consistency
D. Reliability
Selected Answer: B
———————————————————————-
Question #: 108
Topic #: 1
Which of the following BEST ensures a mobile application implementation will meet an organization’s data security standards?
A. User acceptance testing (UAT)
B. Data classification
C. Privacy impact assessment (PIA)
D. Automatic dynamic code scan
Selected Answer: C
———————————————————————-
Question #: 109
Topic #: 1
Which of the following should be used to address data kept beyond its intended lifespan?
A. Data minimization
B. Data anonymization
C. Data security
D. Data normalization
Selected Answer: A
———————————————————————-
Question #: 110
Topic #: 1
Which of the following is the PRIMARY benefit of implementing policies and procedures for system hardening?
A. It increases system resiliency.
B. It reduces external threats to data.
C. It reduces exposure of data.
D. It eliminates attack motivation for data.
Selected Answer: C
———————————————————————-
Question #: 111
Topic #: 1
Which of the following would MOST effectively reduce the impact of a successful breach through a remote access solution?
A. Compartmentalizing resource access
B. Regular testing of system backups
C. Monitoring and reviewing remote access logs
D. Regular physical and remote testing of the incident response plan
Selected Answer: A
———————————————————————-
Question #: 112
Topic #: 1
Which of the following is the MOST important consideration when using advanced data sanitization methods to ensure privacy data will be unrecoverable?
A. Subject matter expertise
B. Type of media
C. Regulatory compliance requirements
D. Location of data
Selected Answer: B
———————————————————————-
Question #: 113
Topic #: 1
A multinational corporation is planning a big data initiative to help with critical business decisions. Which of the following is the BEST way to ensure personal data usage is standardized across the entire organization?
A. De-identify all data.
B. Develop a data dictionary.
C. Encrypt all sensitive data.
D. Perform data discovery.
Selected Answer: B
———————————————————————-
Question #: 114
Topic #: 1
An email opt-in form on a website applies to which privacy principle?
A. Accuracy
B. Consent
C. Transparency
D. Integrity
Selected Answer: B
———————————————————————-
Question #: 115
Topic #: 1
An organization’s data destruction guidelines should require hard drives containing personal data to go through which of the following processes prior to being crushed?
A. Low-level formatting
B. Remote partitioning
C. Degaussing
D. Hammer strike
Selected Answer: C
———————————————————————-
Question #: 116
Topic #: 1
Which of the following is MOST likely to present a valid use case for keeping a customer’s personal data after contract termination?
A. For the purpose of medical research
B. A forthcoming campaign to win back customers
C. A required retention period due to regulations
D. Ease of onboarding when the customer returns
Selected Answer: C
———————————————————————-
Question #: 117
Topic #: 1
Which of the following processes BEST enables an organization to maintain the quality of personal data?
A. Implementing routine automatic validation
B. Maintaining hashes to detect changes in data
C. Encrypting personal data at rest
D. Updating the data quality standard through periodic review
Selected Answer: A
———————————————————————-
Question #: 118
Topic #: 1
Which of the following is the BEST approach for a local office of a global organization faced with multiple privacy-related compliance requirements?
A. Focus on developing a risk action plan based on audit reports.
B. Focus on requirements with the highest organizational impact.
C. Focus on global compliance before meeting local requirements.
D. Focus on local standards before meeting global compliance.
Selected Answer: B
———————————————————————-
Question #: 119
Topic #: 1
Which of the following is the MOST important consideration when determining retention periods for personal data?
A. Sectoral best practices for the industry
B. Notice provided to customers during data collection
C. Data classification standards
D. Storage capacity available for retained data
Selected Answer: B
———————————————————————-
Question #: 120
Topic #: 1
Which of the following is the MOST important consideration when writing an organization’s privacy policy?
A. Using a standardized business taxonomy
B. Aligning statements to organizational practices
C. Ensuring acknowledgment by the organization’s employees
D. Including a development plan for personal data handling
Selected Answer: B
