CIPT V1

SCENARIO Carol was a U.S.-based glassmaker who sold her work at art festivals. She kept things simple by only accepting cash and personal checks. As business grew, Carol couldn't keep up with demand, and traveling to festivals became burdensome. Carol opened a small boutique and hired Sam to run it...

Which is NOT a way to validate a person's identity?A . Swiping a smartcard into an electronic reader. B. Using a program that creates random passwords. C. Answering a question about "something you know”. D. Selecting a picture and tracing a unique pattern on itView AnswerAnswer: B

All of the following topics should be included in a workplace surveillance policy EXCEPT?A . Who can be tracked and when. B. Who can access surveillance data. C. What areas can be placed under surveillance. D. Who benefits from collecting surveillance data.View AnswerAnswer: D Explanation: who benefits from collecting surveillance...

An organization based in California, USA is implementing a new online helpdesk solution for recording customer call information. The organization considers the capture of personal data on the online helpdesk solution to be in the interest of the company in best servicing customer calls. Before implementation, a privacy technologist should...

Which of the following is a stage in the data life cycle?A . Data classification. B. Data inventory. C. Data masking. D. Data retention.View AnswerAnswer: D Explanation: The stages in a typical data lifecycle include creation/collection, processing, storage/retention, usage/access/sharing/distribution, archival/preservation and destruction/deletion/disposition 3. Among these options provided here only “Data...

Which is NOT a drawback to using a biometric recognition system?A . It can require more maintenance and support. B. It can be more expensive than other systems C. It has limited compatibility across systems. D. It is difficult for people to use.View AnswerAnswer: A

What must be done to destroy data stored on "write once read many" (WORM) media?A . The data must be made inaccessible by encryption. B. The erase function must be used to remove all data. C. The media must be physically destroyed. D. The media must be reformatted.View AnswerAnswer: C

An organization has recently experienced a data breach where large amounts of personal data were compromised. As part of a post-incident review, the privacy technologist wants to analyze available data to understand what vulnerabilities may have contributed to the incident occurring. He learns that a key vulnerability had been flagged...

When writing security policies, the most important consideration is to?A . Require all employees to read and acknowledge their understanding. B. Ensure they are based on the organization's risk profile. C. Ensure they cover enough details for common situations. D. Follow industry best practices.View AnswerAnswer: B Explanation: the most important...

To meet data protection and privacy legal requirements that may require personal data to be disposed of or deleted when no longer necessary for the use it was collected, what is the best privacy-enhancing solution a privacy technologist should recommend be implemented in application design to meet this requirement?A ....