IAPP CIPT Exam Practice Questions (P. 3)
- Full Access (285 questions)
- Six months of Premium Access
- Access to one million comments
- Seamless ChatGPT Integration
- Ability to download PDF files
- Anki Flashcard files for revision
- No Captcha & No AdSense
- Advanced Exam Configuration
Question #11
SCENARIO -
Kyle is a new security compliance manager who will be responsible for coordinating and executing controls to ensure compliance with the company's information security policy and industry standards. Kyle is also new to the company, where collaboration is a core value. On his first day of new-hire orientation, Kyle's schedule included participating in meetings and observing work in the IT and compliance departments.
Kyle spent the morning in the IT department, where the CIO welcomed him and explained that her department was responsible for IT governance. The CIO and
Kyle engaged in a conversation about the importance of identifying meaningful IT governance metrics. Following their conversation, the CIO introduced Kyle to
Ted and Barney. Ted is implementing a plan to encrypt data at the transportation level of the organization's wireless network. Kyle would need to get up to speed on the project and suggest ways to monitor effectiveness once the implementation was complete. Barney explained that his short-term goals are to establish rules governing where data can be placed and to minimize the use of offline data storage.
Kyle spent the afternoon with Jill, a compliance specialist, and learned that she was exploring an initiative for a compliance program to follow self-regulatory privacy principles. Thanks to a recent internship, Kyle had some experience in this area and knew where Jill could find some support. Jill also shared results of the company's privacy risk assessment, noting that the secondary use of personal information was considered a high risk.
By the end of the day, Kyle was very excited about his new job and his new company. In fact, he learned about an open position for someone with strong qualifications and experience with access privileges, project standards board approval processes, and application-level obligations, and couldn't wait to recommend his friend Ben who would be perfect for the job.
Which data practice is Barney most likely focused on improving?
Kyle is a new security compliance manager who will be responsible for coordinating and executing controls to ensure compliance with the company's information security policy and industry standards. Kyle is also new to the company, where collaboration is a core value. On his first day of new-hire orientation, Kyle's schedule included participating in meetings and observing work in the IT and compliance departments.
Kyle spent the morning in the IT department, where the CIO welcomed him and explained that her department was responsible for IT governance. The CIO and
Kyle engaged in a conversation about the importance of identifying meaningful IT governance metrics. Following their conversation, the CIO introduced Kyle to
Ted and Barney. Ted is implementing a plan to encrypt data at the transportation level of the organization's wireless network. Kyle would need to get up to speed on the project and suggest ways to monitor effectiveness once the implementation was complete. Barney explained that his short-term goals are to establish rules governing where data can be placed and to minimize the use of offline data storage.
Kyle spent the afternoon with Jill, a compliance specialist, and learned that she was exploring an initiative for a compliance program to follow self-regulatory privacy principles. Thanks to a recent internship, Kyle had some experience in this area and knew where Jill could find some support. Jill also shared results of the company's privacy risk assessment, noting that the secondary use of personal information was considered a high risk.
By the end of the day, Kyle was very excited about his new job and his new company. In fact, he learned about an open position for someone with strong qualifications and experience with access privileges, project standards board approval processes, and application-level obligations, and couldn't wait to recommend his friend Ben who would be perfect for the job.
Which data practice is Barney most likely focused on improving?
send
light_mode
delete
Question #12
What is the main function of a breach response center?
- ADetecting internal security attacks.
- BAddressing privacy incidents.
- CProviding training to internal constituencies.
- DInterfacing with privacy regulators and governmental bodies.
Correct Answer:
B
B
send
light_mode
delete
Question #13
Which is NOT a suitable action to apply to data when the retention period ends?
send
light_mode
delete
Question #14
What is the distinguishing feature of asymmetric encryption?
- AIt has a stronger key for encryption than for decryption.
- BIt employs layered encryption using dissimilar methods.
- CIt uses distinct keys for encryption and decryption.
- DIt is designed to cross operating systems.
Correct Answer:
C
Reference:
https://www.cryptomathic.com/news-events/blog/classification-of-cryptographic-keys-functions-and-properties
C
Reference:
https://www.cryptomathic.com/news-events/blog/classification-of-cryptographic-keys-functions-and-properties
send
light_mode
delete
Question #15
What is the most important requirement to fulfill when transferring data out of an organization?
- AEnsuring the organization sending the data controls how the data is tagged by the receiver.
- BEnsuring the organization receiving the data performs a privacy impact assessment.
- CEnsuring the commitments made to the data owner are followed.
- DExtending the data retention schedule as needed.
Correct Answer:
C
C
send
light_mode
delete
All Pages