A global organization is planning to implement a customer relationship management (CRM) system to be used in offices based in multiple countries. Which of the following is the MOST important data protection consideration for this project?
A. Industry best practice related to information security standards in each relevant jurisdiction
B. Identity and access management mechanisms to restrict access based on need to know
C. Encryption algorithms for securing customer personal data at rest and in transit
D. National data privacy legislative and regulatory requirements in each relevant jurisdiction
Which of the following is the BEST control to secure application programming interfaces (APIs) that may contain personal information?
A. Encrypting APIs with the organization's private key
B. Requiring nondisclosure agreements (NDAs) when sharing APIs
C. Restricting access to authorized users
D. Sharing only digitally signed APIs
An organization is planning a new implementation for tracking consumer web browser activity. Which of the following should be done FIRST?
A. Seek approval from regulatory authorities.
B. Conduct a privacy impact assessment (PIA).
C. Obtain consent from the organization's clients.
D. Review and update the cookie policy.
Which of the following protocols BEST protects end-to-end communication of personal data?
A. Transmission Control Protocol (TCP)
B. Transport Layer Security Protocol (TLS)
C. Secure File Transfer Protocol (SFTP)
D. Hypertext Transfer Protocol (HTTP)
Which of the following is a PRIMARY objective of performing a privacy impact assessment (PIA) prior to onboarding a new Software as a Service (SaaS) provider for a customer relationship management (CRM) system?
A. To identify controls to mitigate data privacy risks
B. To classify personal data according to the data classification scheme
C. To assess the risk associated with personal data usage
D. To determine the service provider's ability to maintain data protection controls
Which of the following is the BEST way to distinguish between a privacy risk and compliance risk?
A. Perform a privacy risk audit.
B. Conduct a privacy risk assessment.
C. Validate a privacy risk attestation.
D. Conduct a privacy risk remediation exercise.
It is MOST important to consider privacy by design principles during which phase of the software development life cycle (SDLC)?
A. Application design
B. Requirements definition
C. Implementation
D. Testing
An organization is developing a wellness smartwatch application and is considering what information should be collected from the application users. Which of the following is the MOST legitimate information to collect for business reasons in this situation?
A. Height, weight, and activities
B. Sleep schedule and calorie intake
C. Education and profession
D. Race, age, and gender
When a government's health division establishes the complete privacy regulation for only the health market, which privacy protection reference model is being used?
A. Co-regulatory
B. Sectoral
C. Comprehensive
D. Self-regulatory
An organization uses analytics derived from archived transaction data to create individual customer profiles for customizing product and service offerings. Which of the following is the IT privacy practitioner's BEST recommendation?
A. Anonymize personal data.
B. Discontinue the creation of profiles.
C. Implement strong access controls.
D. Encrypt data at rest.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Isaca exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CDPSE exam preparations and Isaca certification application, do not hesitate to visit our Vcedump.com to find your solutions here.