Free Isaca CDPSE Exam Questions

Become Isaca Certified with updated CDPSE exam questions and correct answers

Page: 1 / 48

Total 240 Questions | Updated On: Nov 10, 2025

Add To Cart

Question 1

A security manager is performing a risk assessment on a data center. The security manager has determined that unauthorized personnel can enter the data center through the loading dock door and shut off utility power to the building. This finding is known as a:

A : lnerability

B : reat

C : k

D : obability

Answer: B

Question 2

An organization relying on physical access controls has migrated its on-premises applications to cloud service providers. What

compensating control should be enacted for access to cloud-based applications since physical access is less of a factor?

A : ltifactor authentication

B : ngle sign-on

C : Reduced sign-on

D : Biometrics

Answer: A

Question 3

A US state has enacted a sweeping new extraterritorial privacy regulation that focuses on cross-state border data transfer. What is the

first step that an online social media vendor should take?

A : Wait until there is sufficient case law to see whether the law is enforceable.

B : it until the law takes effect to begin making changes to systems.

C : tain expert privacy counsel to opine on applicability and interpretation.

D : rect developers to make changes to the system to comply with the new law.

Answer: C

Question 4

An online retail company is trying to determine how to handle users' data if they unsubscribe from marketing emails generated from the website. Which of the following is the BEST approach for handling personal data that has been restricted?

A : crypt users' information so it is inaccessible to the marketing department.

B : ference the privacy policy to see if the data is truly restricted.

C : move users' information and account from the system.

D : ag users' email addresses to make sure they do not receive promotional information.

Answer: D

Question 5

Which of the following is MOST important when designing application programming interfaces (APIs) that enable mobile device applications to access personal data?

A : user's ability to select, filter, and transform data before it is shared

B : brella consent for multiple applications by the same developer

C : er consent to share personal data

D : Unlimited retention of personal data by third parties

Answer: C

Page: 1 / 48

Total 240 Questions | Updated On: Nov 10, 2025

Add To Cart