CIPP-US Exam Details

  • Exam Code
    :CIPP-US
  • Exam Name
    :Certified Information Privacy Professional/United States (CIPP/US)
  • Certification
    :IAPP Certifications
  • Vendor
    :IAPP
  • Total Questions
    :198 Q&As
  • Last Updated
    :Jun 28, 2026

IAPP CIPP-US Online Questions & Answers

  • Question 191:

    In a data sharing arrangement, which of the following organizations would determine the rules that apply to the processing of the data being shared?

    A. The business associate.
    B. The hosting provider.
    C. The data processor.
    D. The data controller.

  • Question 192:

    SuperMart is a large Nevada-based business that has recently determined it sells what constitutes "covered information" under Nevada's privacy law, Senate Bill 260. Which of the following privacy compliance steps would best help SuperMart comply with the law?

    A. Providing a mechanism for consumers to opt out of sales.
    B. Implementing internal protocols for handling access and deletion requests.
    C. Preparing a notice of nancial incentive for any loyalty programs offered to its customers.
    D. Reviewing its vendor contracts to ensure that the vendors are subject to service provider restrictions.

  • Question 193:

    In which situation is a company operating under the assumption of implied consent?

    A. An employer contacts the professional references provided on an applicant's resume
    B. An online retailer subscribes new customers to an e-mail list by default
    C. A landlord uses the information on a completed rental application to run a credit report
    D. A retail clerk asks a customer to provide a zip code at the check-out counter

  • Question 194:

    SCENARIO

    Please use the following to answer the next question:

    Larry has become increasingly dissatisfied with his telemarketing position at SunriseLynx, and particularly with his supervisor, Evan. Just last week, he overheard Evan mocking the state's Do Not Call list, as well as the people on it. "If they

    were really serious about not being bothered," Evan said, "They'd be on the national DNC list. That's the only one we're required to follow. At SunriseLynx, we call until they ask us not to."

    Bizarrely, Evan requires telemarketers to keep records of recipients who ask them to call "another time." This, to Larry, is a clear indication that they don't want to be called at all. Evan doesn't see it that way.

    Larry believes that Evan's arrogance also affects the way he treats employees. The U.S. Constitution protects American workers, and Larry believes that the rights of those at SunriseLynx are violated regularly. At first Evan seemed friendly,

    even connecting with employees on social media. However, following Evan's political posts, it became clear to Larry that employees with similar affiliations were the only ones offered promotions.

    Further, Larry occasionally has packages containing personal-use items mailed to work. Several times, these have come to him already opened, even though this name was clearly marked. Larry thinks the opening of personal mail is common

    at SunriseLynx, and that Fourth Amendment rights are being trampled under Evan's leadership.

    Larry has also been dismayed to overhear discussions about his coworker, Sadie. Telemarketing calls are regularly recorded for quality assurance, and although Sadie is always professional during business, her personal conversations

    sometimes contain sexual comments. This too is something Larry has heard Evan laughing about. When he mentioned this to a coworker, his concern was met with a shrug. It was the coworker's belief that employees agreed to be monitored

    when they signed on. Although personal devices are left alone, phone calls, emails and browsing histories are all subject to surveillance. In fact, Larry knows of one case in which an employee was fired after an undercover investigation by an

    outside firm turned up evidence of misconduct. Although the employee may have stolen from the company, Evan could have simply contacted the authorities when he first suspected something amiss.

    Larry wants to take action, but is uncertain how to proceed.

    In regard to telemarketing practices, Evan the supervisor has a misconception regarding?

    A. The conditions under which recipients can opt out
    B. The wishes of recipients who request callbacks
    C. The right to monitor calls for quality assurance
    D. The relationship of state law to federal law

  • Question 195:

    What was the original purpose of the Federal Trade Commission Act?

    A. To ensure privacy rights of U.S. citizens
    B. To protect consumers
    C. To enforce antitrust laws
    D. To negotiate consent decrees with companies violating personal privacy

  • Question 196:

    Which authority supervises and enforces laws regarding advertising to children via the Internet?

    A. The Office for Civil Rights
    B. The Federal Trade Commission
    C. The Federal Communications Commission
    D. The Department of Homeland Security

  • Question 197:

    SCENARIO

    Please use the following to answer the next question:

    Matt went into his son's bedroom one evening and found him stretched out on his bed typing on his laptop.

    "Doing your homework?" Matt asked hopefully.

    "No," the boy said. "I'm filling out a survey."

    Matt looked over his son's shoulder at his computer screen. "What kind of survey?"

    "It's asking questions about my opinions."

    "Let me see," Matt said, and began reading the list of questions that his son had already answered. "It's asking your opinions about the government and citizenship. That's a little odd. You're only ten."

    Matt wondered how the web link to the survey had ended up in his son's email inbox. Thinking the message might have been sent to his son by mistake he opened it and read it. It had come from an entity called the Leadership Project, and

    the content and the graphics indicated that it was intended for children. As Matt read further he learned that kids who took the survey were automatically registered in a contest to win the first book in a series about famous leaders.

    To Matt, this clearly seemed like a marketing ploy to solicit goods and services to children. He asked his son if he had been prompted to give information about himself in order to take the survey. His son told him he had been asked to give his

    name, address, telephone number, and date of birth, and to answer questions about his favorite games and toys.

    Matt was concerned. He doubted if it was legal for the marketer to collect information from his son in the way that it was. Then he noticed several other commercial emails from marketers advertising products for children in his son's inbox, and

    he decided it was time to report the incident to the proper authorities.

    How does Matt come to the decision to report the marketer's activities?

    A. The marketer failed to make an adequate attempt to provide Matt with information
    B. The marketer did not provide evidence that the prize books were appropriate for children
    C. The marketer seems to have distributed his son's information without Matt's permission
    D. The marketer failed to identify himself and indicate the purpose of the messages

  • Question 198:

    Mega Corp. is a U.S.-based business with employees in California, Virginia, and Colorado. Which of the following must Mega Corp. comply with in regard to its human resources data?

    A. California Privacy Rights Act.
    B. California Privacy Rights Act and Virginia Consumer Data Protection Act.
    C. California Privacy Rights Act and Colorado Privacy Act.
    D. California Privacy Rights Act, Virginia Consumer Data Protection Act, and Colorado Privacy Act.

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only IAPP exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CIPP-US exam preparations and IAPP certification application, do not hesitate to visit our Vcedump.com to find your solutions here.