Free IAPP CIPP-E Exam Questions

Question 1

Through a combination of hardware failure and human error, the decryption key for a bank’s customer account transaction database has been lost. An investigation has determined that this was not the result of hacking or malfeasance, simply an unfortunate combination of circumstances. Which of the following accurately indicates the nature of this incident?

A : A data breach has not occurred because the loss was not the result of hacking.

B : A data breach has not occurred because no data was exposed to any unauthorized individual.

C : A data breach has occurred because the loss of the key has resulted in the data no longer being accessible.

D : A data breach has occurred because the loss of the key has resulted in the loss of confidentiality or integrity of the data.

Answer: D

Question 2

Which of the following is NOT recognized as being a common characteristic of cloud-computing services?

A : service's infrastructure is shared among the supplier's customers and can be located in a number of countries.

B : supplier determines the location, security measures, and service standards applicable to the processing.

C : supplier allows customer data to be transferred around the infrastructure according to capacity.

D : supplier assumes the vendor's business risk associated with data processed by the supplier.

Answer: D

Question 3

A company wishes to transfer personal data to a country outside of the European Union/EEA In order to do so, they are planning an assessment of the country's laws and practices, knowing that these may impinge upon the transfer safeguards they intend to use

All of the following factors would be relevant for the company to consider EXCEPT'?

A : y onward transfers, such as transfers of personal data to a sub-processor in the same or another third country.

B : process of modernization in the third country concerned and their access to emerging technologies that rely on international transfers of personal data

C : technical, financial, and staff resources available to an authority m the third country concerned that may access the personal data to be transferred

D : contractual clauses between the data controller or processor established in the European Union/EEA and the recipient of the transfer established in the third country concerned

Answer: B

Question 4

The European Parliament jointly exercises legislative and budgetary functions with which of the following?

A : European Commission

B : Article 29 Working Party.

C : Council of the European Union

D : European Data Protection Board.

Answer: C

Question 5

Through a combination of hardware failure and human error, the decryption key for a bank’s customer account transaction database has been lost. An investigation has determined that this was not the result of hacking or malfeasance, simply an unfortunate combination of circumstances. Which of the following accurately indicates the nature of this incident?

A : A data breach has not occurred because the loss was not the result of hacking.

B : A data breach has not occurred because no data was exposed to any unauthorized individual.

C : A data breach has occurred because the loss of the key has resulted in the data no longer being accessible.

D : A data breach has occurred because the loss of the key has resulted in the loss of confidentiality or integrity of the data.

Answer: D