Exam Details

  • Exam Code: CIPT
  • Exam Name: Certified Information Privacy Technologist (CIPT)
  • Certification: IAPP Certifications
  • Vendor: IAPP
  • Total Questions: 278 Q&As
  • Last Updated: May 12, 2024

IAPP IAPP Certifications CIPT Questions & Answers

  • Question 21:

    Properly configured databases and well-written website code are the best protection against what online threat?

    A. Pharming.

    B. SQL injection.

    C. Malware execution.

    D. System modification.

  • Question 22:

    SCENARIO

    Please use the following to answer the next question:

    EnsureClaim is developing a mobile app platform for managing data used for assessing car accident insurance claims. Individuals use the app to take pictures at the crash site, eliminating the need for a built-in vehicle camera. EnsureClaim uses a third-party hosting provider to store data collected by the app. EnsureClaim customer service employees also receive and review app data before sharing with insurance claim adjusters.

    The app collects the following information:

      • First and last name
      • Date of birth (DOB)
      • Mailing address
      • Email address
      • Car VIN number
      • Car model
      • License plate
      • Insurance card number
      • Photo
      • Vehicle diagnostics
      • Geolocation

    All of the following technical measures can be implemented by EnsureClaim to protect personal information that is accessible by third parties EXCEPT?

    A. Encryption.

    B. Access Controls.

    C. De-identification.

    D. Multi-factor authentication.

  • Question 23:

    An organization is evaluating a number of Machine Learning (ML) solutions to help automate a customer-facing part of its business. From a privacy perspective, the organization should first?

    A. Define their goals for fairness.

    B. Document the distribution of bias scores.

    C. Document the False Positive Rates (FPR).

    D. Define how data subjects may object to the processing.

  • Question 24:

    Which of the following techniques describes the use of encryption where encryption keys are divided into parts that can then be used to recover a full encryption key?

    A. Homomorphic encryption.

    B. Asymmetric cryptography.

    C. Cryptographic hashing.

    D. Secret sharing.

  • Question 25:

    When should code audits be concluded?

    A. At code check-in time.

    B. At engineering design time.

    C. While code is being sent to production.

    D. Before launch after all code for a feature is complete.

  • Question 26:

    An EU marketing company is planning to make use of personal data captured to make automated decisions based on profiling. In some cases, processing and automated decisions may have a legal effect on individuals, such as credit worthiness.

    When evaluating the implementation of systems making automated decisions, in which situation would the company have to accommodate an individual's right NOT to be subject to such processing to ensure compliance under the General Data Protection Regulation (GDPR)?

    A. When an individual's legal status or rights are not affected by the decision.

    B. When there is no human intervention or influence in the decision-making process.

    C. When the individual has given explicit consent to such processing and suitable safeguards exist.

    D. When the decision is necessary for entering into a contract and the individual can contest the decision.

  • Question 27:

    Not updating software for a system that processes human resources data with the latest security patches may create what?

    A. Authentication issues.

    B. Privacy vulnerabilities.

    C. Privacy threat vectors.

    D. Reportable privacy violations.

  • Question 28:

    When releasing aggregates, what must be performed to magnitude data to ensure privacy?

    A. Value swapping.

    B. Noise addition.

    C. Basic rounding.

    D. Top coding.

  • Question 29:

    What logs should an application server retain in order to prevent phishing attacks while minimizing data retention?

    A. Limited-retention, de-identified logs including only metadata.

    B. Limited-retention, de-identified logs including the links clicked in messages as well as metadata.

    C. Limited-retention logs including the identity of parties sending and receiving messages as well as metadata.

    D. Limited-retention logs including the links clicked in messages, the identity of parties sending and receiving them, as well as metadata.

  • Question 30:

    What is the main privacy threat posed by Radio Frequency Identification (RFID)?

    A. An individual with an RFID receiver can track people or consumer products.

    B. An individual can scramble computer transmissions in weapons systems.

    C. An individual can use an RFID receiver to engage in video surveillance.

    D. An individual can tap mobile phone communications.
