Isaca
CDPSE
Q1:
Who is ULTIMATELY accountable for the protection of personal data collected by an organization?
A. Data processor
B. Data owner
C. Data custodian
D. Data protection officer
Q2:
Which of the following practices BEST indicates an organization follows the data minimization principle?
A. Data is pseudonymized when being backed up.
B. Data is encrypted before storage.
C. Data is only accessible on a need-to-know basis.
D. Data is regularly reviewed for its relevance.
Q3:
Which of the following is a role PRIMARILY assigned to an internal data owner?
A. Monitoring data retention periods
B. Authorizing access rights
C. Serving as primary contact with regulators
D. Implementing appropriate technical controls
Q4:
What is the PRIMARY means by which an organization communicates customer rights as they relate to the use of their personal information?
A. Gaining consent when information is collected
B. Publishing a privacy notice
C. Mailing rights documentation to customers
D. Distributing a privacy rights policy
Q5:
What is the BEST way for an organization to maintain the effectiveness of its privacy breach incident response plan?
A. Require security management to validate data privacy security practices.
B. Conduct annual data privacy tabletop exercises.
C. Hire a third party to perform a review of data privacy processes.
D. Involve the privacy office in an organizational review of the incident response plan.