This page was exported from Valid Premium Exam [ http://premium.validexam.com ] Export date:Mon Feb 24 12:34:23 2025 / +0000 GMT ___________________________________________________ Title: Jun-2022 Free CDPSE Test Questions Real Practice Test Questions [Q14-Q38] --------------------------------------------------- Jun-2022 Free CDPSE Test Questions Real Practice Test Questions CDPSE Dumps Updated Jun 05, 2022 WIith 122 Questions NEW QUESTION 14An organization is developing a wellness smartwatch application and is considering what information should be collected from the application users. Which of the following is the MOST legitimate information to collect for business reasons in this situation?  Height, weight, and activities  Sleep schedule and calorie intake  Education and profession  Race, age, and gender NEW QUESTION 15A global organization is planning to implement a customer relationship management (CRM) system to be used in offices based in multiple countries. Which of the following is the MOST important data protection consideration for this project?  Industry best practice related to information security standards in each relevant jurisdiction  Identity and access management mechanisms to restrict access based on need to know  Encryption algorithms for securing customer personal data at rest and in transit  National data privacy legislative and regulatory requirements in each relevant jurisdiction NEW QUESTION 16Which of the following should be done FIRST to establish privacy to design when developing a contact-tracing application?  Conduct a privacy impact assessment (PIA).  Conduct a development environment review.  Identify privacy controls for the application.  Identify differential privacy techniques. NEW QUESTION 17Which of the following is MOST likely to present a valid use case for keeping a customer’s personal data after contract termination?  For the purpose of medical research  A forthcoming campaign to win back customers  A required retention period due to regulations  Ease of onboarding when the customer returns NEW QUESTION 18Which of the following is the BEST way to limit the organization’s potential exposure in the event of consumer data loss while maintaining the traceability of the data?  De-identify the data.  Require a digital signature.  Use a unique hashing algorithm.  Encrypt the data at rest. NEW QUESTION 19What type of personal information can be collected by a mobile application without consent?  Full name  Geolocation  Phone number  Accelerometer data NEW QUESTION 20Which of the following should an IT privacy practitioner do FIRST before an organization migrates personal data from an on-premise solution to a cloud-hosted solution?  Develop and communicate a data security plan.  Perform a privacy impact assessment (PIA).  Ensure strong encryption is used.  Conduct a security risk assessment. NEW QUESTION 21When using pseudonymization to prevent unauthorized access to personal data, which of the following is the MOST important consideration to ensure the data is adequately protected?  The data must be protected by multi-factor authentication.  The identifier must be kept separate and distinct from the data it protects.  The key must be a combination of alpha and numeric characters.  The data must be stored in locations protected by data loss prevention (DLP) technology. NEW QUESTION 22Which of the following rights is an important consideration that allows data subjects to request the deletion of their data?  The right to object  The right to withdraw consent  The right to access  The right to be forgotten NEW QUESTION 23Which of the following is a responsibility of the audit function in helping an organization address privacy compliance requirements?  Approving privacy impact assessments (PIAs)  Validating the privacy framework  Managing privacy notices provided to customers  Establishing employee privacy rights and consent NEW QUESTION 24A software development organization with remote personnel has implemented a third-party virtualized workspace to allow the teams to collaborate. Which of the following should be of GREATEST concern?  The third-party workspace is hosted in a highly regulated jurisdiction.  Personal data could potentially be exfiltrated through the virtual workspace.  The organization’s products are classified as intellectual property.  There is a lack of privacy awareness and training among remote personnel. NEW QUESTION 25What is the BEST method to protect customers’ personal data that is forwarded to a central system for analysis?  Pseudonymization  Deletion  Encryption  Anonymization NEW QUESTION 26Which of the following is the BEST control to secure application programming interfaces (APIs) that may contain personal information?  Encrypting APIs with the organization’s private key  Requiring nondisclosure agreements (NDAs) when sharing APIs  Restricting access to authorized users  Sharing only digitally signed APIs NEW QUESTION 27Which of the following is the PRIMARY benefit of implementing policies and procedures for system hardening?  It increases system resiliency.  It reduces external threats to data.  It reduces exposure of data.  It eliminates attack motivation for data. NEW QUESTION 28Which of the following is the BEST approach to minimize privacy risk when collecting personal data?  Use a third party to collect, store, and process the data.  Collect data through a secure organizational web server.  Collect only the data necessary to meet objectives.  Aggregate the data immediately upon collection. NEW QUESTION 29A global financial institution is implementing data masking technology to protect personal data used for testing purposes in non-production environments. Which of the following is the GREATEST challenge in this situation?  Access to personal data is not strictly controlled in development and testing environments.  Complex relationships within and across systems must be retained for testing.  Personal data across the various interconnected systems cannot be easily identified.  Data masking tools are complex and difficult to implement. NEW QUESTION 30Of the following, who should be PRIMARILY accountable for creating an organization’s privacy management strategy?  Chief data officer (CDO)  Privacy steering committee  Information security steering committee  Chief privacy officer (CPO) Some organizations, typically those that manage large amounts of personal information related to employees, customers, or constituents, will employ a chief privacy officer (CPO). Some organizations have a CPO because applicable regulations such as the Gramm-Leach-Bliley Act (GLBA) require it. Other regulations such as the Health Information Portability and Accountability Act (HIPAA), the Fair Credit Reporting Act (FCRA), and the GLBA place a slate of responsibilities upon an organization that compels them to hire an executive responsible for overseeing compliance.NEW QUESTION 31When choosing data sources to be used within a big data architecture, which of the following data attributes MUST be considered to ensure data is not aggregated?  Accuracy  Granularity  Consistency  Reliability NEW QUESTION 32Before executive leadership approves a new data privacy policy, it is MOST important to ensure:  a training program is developed.  a privacy committee is established.  a distribution methodology is identified.  a legal review is conducted. NEW QUESTION 33Which of the following is the best way to reduce the risk of compromised credentials when an organization allows employees to have remote access?  Enable whole disk encryption on remote devices.  Purchase an endpoint detection and response (EDR) tool.  Implement multi-factor authentication.  Deploy single sign-on with complex password requirements. NEW QUESTION 34Data collected by a third-party vendor and provided back to the organization may not be protected according to the organization’s privacy notice. Which of the following is the BEST way to address this concern?  Review the privacy policy.  Obtain independent assurance of current practices.  Re-assess the information security requirements.  Validate contract compliance. NEW QUESTION 35Which of the following should be used to address data kept beyond its intended lifespan?  Data minimization  Data anonymization  Data security  Data normalization NEW QUESTION 36An organization is concerned with authorized individuals accessing sensitive personal customer information to use for unauthorized purposes. Which of the following technologies is the BEST choice to mitigate this risk?  Email filtering system  Intrusion monitoring  Mobile device management (MDM)  User behavior analytics NEW QUESTION 37What is the BEST way for an organization to maintain the effectiveness of its privacy breach incident response plan?  Require security management to validate data privacy security practices.  Involve the privacy office in an organizational review of the incident response plan.  Hire a third party to perform a review of data privacy processes.  Conduct annual data privacy tabletop exercises. Because many privacy incidents are also security incidents, the development of a privacy incident response plan should be performed in close cooperation with the security manager to avoid duplication of effort and to utilize existing response plan resources and practices.NEW QUESTION 38An online business posts its customer data protection notice that includes a statement indicating information is collected on how products are used, the content viewed, and the time and duration of online activities. Which data protection principle is applied?  Data integrity and confidentiality  System use requirements  Data use limitation  Lawfulness and fairness  Loading … View All CDPSE Actual Free Exam Questions Updated: https://www.validexam.com/CDPSE-latest-dumps.html --------------------------------------------------- Images: https://premium.validexam.com/wp-content/plugins/watu/loading.gif https://premium.validexam.com/wp-content/plugins/watu/loading.gif --------------------------------------------------- --------------------------------------------------- Post date: 2022-06-05 12:57:19 Post date GMT: 2022-06-05 12:57:19 Post modified date: 2022-06-05 12:57:19 Post modified date GMT: 2022-06-05 12:57:19