When releasing aggregates, what must be performed to magnitude data to ensure privacy?
A. Value swapping.
B. Noise addition.
C. Basic rounding.
D. Top coding.
When should code audits be concluded?
A. At code check-in time.
B. At engineering design time.
C. While code is being sent to production.
D. Before launch after all code for a feature is complete.
An EU marketing company is planning to make use of personal data captured to make automated decisions based on profiling. In some cases, processing and automated decisions may have a legal effect on individuals, such as credit worthiness.
When evaluating the implementation of systems making automated decisions, in which situation would the company have to accommodate an individual's right NOT to be subject to such processing to ensure compliance under the General Data Protection Regulation (GDPR)?
A. When an individual's legal status or rights are not affected by the decision.
B. When there is no human intervention or influence in the decision-making process.
C. When the individual has given explicit consent to such processing and suitable safeguards exist.
D. When the decision is necessary for entering into a contract and the individual can contest the decision.
How can a hacker gain control of a smartphone to perform remote audio and video surveillance?
A. By performing cross-site scripting.
B. By installing a roving bug on the phone.
C. By manipulating geographic information systems.
D. By accessing a phone's global positioning system satellite signal.
Which of the following is NOT a step in the methodology of a privacy risk framework?
A. Assessment.
B. Monitoring.
C. Response.
D. Ranking.
What logs should an application server retain in order to prevent phishing attacks while minimizing data retention?
A. Limited-retention, de-identified logs including only metadata.
B. Limited-retention, de-identified logs including the links clicked in messages as well as metadata.
C. Limited-retention logs including the identity of parties sending and receiving messages as well as metadata.
D. Limited-retention logs including the links clicked in messages, the identity of parties sending and receiving them, as well as metadata.
In order to prevent others from identifying an individual within a data set, privacy engineers use a cryptographically-secure hashing algorithm. Use of hashes in this way illustrates the privacy tactic known as what?
A. Isolation.
B. Obfuscation.
C. Perturbation.
D. Stripping.
Which activity would best support the principle of data quality?
A. Providing notice to the data subject regarding any change in the purpose for collecting such data.
B. Ensuring that the number of teams processing personal information is limited.
C. Delivering information in a format that the data subject understands.
D. Ensuring that information remains accurate.
In terms of data extraction, which of the following should NOT be considered by a privacy technologist in relation to data portability?
A. The size of the data.
B. The format of the data.
C. The range of the data.
D. The medium of the data.
A computer user navigates to a page on the Internet. The privacy notice pops up and the user clicks the box to accept cookies, then continues to scroll the page to read the Information displayed. This is an example of which type of consent?
A. Explicit.
B. Implicit.
C. Specific
D. Valid.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only IAPP exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your CIPT exam preparations and IAPP certification application, do not hesitate to visit our Vcedump.com to find your solutions here.