[Aug 26, 2022] CDPSE Dumps PDF and Test Engine Exam Questions - TestBraindump [Q43-Q66] | TestBraindump

[Aug 26, 2022] CDPSE Dumps PDF and Test Engine Exam Questions - TestBraindump [Q43-Q66]

Share

[Aug 26, 2022] CDPSE Dumps PDF and Test Engine Exam Questions - TestBraindump

Verified CDPSE exam dumps Q&As with Correct 122 Questions and Answers

NEW QUESTION 43
Data collected by a third-party vendor and provided back to the organization may not be protected according to the organization's privacy notice. Which of the following is the BEST way to address this concern?

  • A. Re-assess the information security requirements.
  • B. Obtain independent assurance of current practices.
  • C. Review the privacy policy.
  • D. Validate contract compliance.

Answer: A

 

NEW QUESTION 44
Of the following, who should be PRIMARILY accountable for creating an organization's privacy management strategy?

  • A. Information security steering committee
  • B. Chief privacy officer (CPO)
  • C. Chief data officer (CDO)
  • D. Privacy steering committee

Answer: B

Explanation:
Some organizations, typically those that manage large amounts of personal information related to employees, customers, or constituents, will employ a chief privacy officer (CPO). Some organizations have a CPO because applicable regulations such as the Gramm-Leach-Bliley Act (GLBA) require it. Other regulations such as the Health Information Portability and Accountability Act (HIPAA), the Fair Credit Reporting Act (FCRA), and the GLBA place a slate of responsibilities upon an organization that compels them to hire an executive responsible for overseeing compliance.

 

NEW QUESTION 45
As part of a major data discovery initiative to identify personal data across the organization, the project team has identified the proliferation of personal data held as unstructured data as a major risk. What should be done FIRST to address this situation?

  • A. Classify sensitive unstructured data.
  • B. Identify sensitive unstructured data at the point of creation.
  • C. Identify who has access to sensitive unstructured data.
  • D. Assign an owner to sensitive unstructured data.

Answer: B

 

NEW QUESTION 46
Which of the following vulnerabilities is MOST effectively mitigated by enforcing multi-factor authentication to obtain access to personal information?

  • A. End users forgetting their passwords
  • B. End users using weak passwords
  • C. Vulnerabilities existing in authentication pages
  • D. Organizations using weak encryption to transmit data

Answer: B

 

NEW QUESTION 47
What is the PRIMARY means by which an organization communicates customer rights as it relates to the use of their personal information?

  • A. Publishing a privacy notice
  • B. Distributing a privacy rights policy
  • C. Mailing rights documentation to customers
  • D. Gaining consent when information is collected

Answer: D

 

NEW QUESTION 48
Which of the following is the PRIMARY benefit of implementing policies and procedures for system hardening?

  • A. It reduces external threats to data.
  • B. It eliminates attack motivation for data.
  • C. It reduces exposure of data.
  • D. It increases system resiliency.

Answer: A

 

NEW QUESTION 49
Which of the following zones within a data lake requires sensitive data to be encrypted or tokenized?

  • A. Temporal zone
  • B. Clean zone
  • C. Raw zone
  • D. Trusted zone

Answer: A

 

NEW QUESTION 50
Which of the following deployed at an enterprise level will MOST effectively block malicious tracking of user Internet browsing?

  • A. Web application firewall (WAF)
  • B. Desktop antivirus software
  • C. Domain name system (DNS) sinkhole
  • D. Website URL blacklisting

Answer: A

 

NEW QUESTION 51
Which key stakeholder within an organization should be responsible for approving the outcomes of a privacy impact assessment (PIA)?

  • A. Data owner
  • B. Privacy data analyst
  • C. Data custodian
  • D. Data processor

Answer: A

 

NEW QUESTION 52
Which of the following describes a user's "right to be forgotten"?

  • A. The individual objects despite legitimate grounds for processing.
  • B. The data is no longer required for the purpose originally collected.
  • C. The data is being used to comply with legal obligations or the public interest.
  • D. The individual's legal residence status has recently changed.

Answer: C

 

NEW QUESTION 53
During which of the following system lifecycle stages is it BEST to conduct a privacy impact assessment (PIA) on a system that holds personal data?

  • A. Functional testing
  • B. Production
  • C. User acceptance testing (UAT)
  • D. Development

Answer: A

 

NEW QUESTION 54
Which of the following processes BEST enables an organization to maintain the quality of personal data?

  • A. Implementing routine automatic validation
  • B. Updating the data quality standard through periodic review
  • C. Maintaining hashes to detect changes in data
  • D. Encrypting personal data at rest

Answer: B

 

NEW QUESTION 55
What type of personal information can be collected by a mobile application without consent?

  • A. Geolocation
  • B. Accelerometer data
  • C. Phone number
  • D. Full name

Answer: B

 

NEW QUESTION 56
Which of the following system architectures BEST supports anonymity for data transmission?

  • A. Plug-in-based
  • B. Front-end
  • C. Client-server
  • D. Peer-to-peer

Answer: C

 

NEW QUESTION 57
Which of the following tracking technologies associated with unsolicited targeted advertisements presents the GREATEST privacy risk?

  • A. Radio frequency identification (RFID)
  • B. Beacon-based tracking
  • C. Online behavioral tracking
  • D. Website cookies

Answer: D

 

NEW QUESTION 58
An organization is developing a wellness smartwatch application and is considering what information should be collected from the application users. Which of the following is the MOST legitimate information to collect for business reasons in this situation?

  • A. Race, age, and gender
  • B. Sleep schedule and calorie intake
  • C. Education and profession
  • D. Height, weight, and activities

Answer: B

 

NEW QUESTION 59
Which of the following is the PRIMARY reason that a single cryptographic key should be used for only one purpose, such as encryption or authentication?

  • A. It minimizes the risk if the cryptographic key is compromised.
  • B. It is more practical and efficient to use a single cryptographic key.
  • C. Each process can only be supported by its own unique key management process.
  • D. It eliminates cryptographic key collision.

Answer: B

 

NEW QUESTION 60
Which of the following should be of GREATEST concern when an organization wants to store personal data in the cloud?

  • A. The organization's potential legal liabilities related to the data
  • B. The data recovery capabilities of the storage provider
  • C. Any vulnerabilities identified in the cloud system
  • D. The data security policies and practices of the storage provider

Answer: D

 

NEW QUESTION 61
What is the BEST method to protect customers' personal data that is forwarded to a central system for analysis?

  • A. Encryption
  • B. Deletion
  • C. Anonymization
  • D. Pseudonymization

Answer: A

 

NEW QUESTION 62
An organization want to develop an application programming interface (API) to seamlessly exchange personal data with an application hosted by a third-party service provider. What should be the FIRST step when developing an application link?

  • A. Data hashing
  • B. Data mapping
  • C. Data normalization
  • D. Data tagging

Answer: B

 

NEW QUESTION 63
An organization has a policy requiring the encryption of personal data if transmitted through email. Which of the following is the BEST control to ensure the effectiveness of this policy?

  • A. Conduct regular control self-assessments (CSAs).
  • B. Enforce annual attestation to policy compliance.
  • C. Provide periodic user awareness training on data encryption.
  • D. Implement a data loss prevention (DLP) tool.

Answer: D

 

NEW QUESTION 64
Which of the following vulnerabilities would have the GREATEST impact on the privacy of information?

  • A. Poor patch management
  • B. Lack of password complexity
  • C. Private key exposure
  • D. Out-of-date antivirus signatures

Answer: B

 

NEW QUESTION 65
Which of the following hard drive sanitation methods provides an organization with the GREATEST level of assurance that data has been permanently erased?

  • A. Crypto-shredding the drive
  • B. Factory resetting the drive
  • C. Degaussing the drive
  • D. Reformatting the drive

Answer: C

 

NEW QUESTION 66
......

ISACA CDPSE Test Engine PDF - All Free Dumps: https://www.testbraindump.com/CDPSE-exam-prep.html

Get New CDPSE Certification – Valid Exam Dumps Questions: https://drive.google.com/open?id=1cON3e36exyzFjpaKA7MaWr1cJezvNNeY