Free IAPP CIPP-E Exam Questions

Question 1

What is the most frequently used mechanism for legitimizing cross-border data transfer?

A : andard Contractual Clauses.

B : proved Code of Conduct.

C : nding Corporate Rules

D : rogations

Answer: A

Question 2

Through a combination of hardware failure and human error, the decryption key for a bank’s customer account transaction database has been lost. An investigation has determined that this was not the result of hacking or malfeasance, simply an unfortunate combination of circumstances. Which of the following accurately indicates the nature of this incident?

A : A data breach has not occurred because the loss was not the result of hacking.

B : A data breach has not occurred because no data was exposed to any unauthorized individual.

C : A data breach has occurred because the loss of the key has resulted in the data no longer being accessible.

D : A data breach has occurred because the loss of the key has resulted in the loss of confidentiality or integrity of the data.

Answer: D

Question 3

Through a combination of hardware failure and human error, the decryption key for a bank’s customer account transaction database has been lost. An investigation has determined that this was not the result of hacking or malfeasance, simply an unfortunate combination of circumstances. Which of the following accurately indicates the nature of this incident?

A : A data breach has not occurred because the loss was not the result of hacking.

B : A data breach has not occurred because no data was exposed to any unauthorized individual.

C : A data breach has occurred because the loss of the key has resulted in the data no longer being accessible.

D : A data breach has occurred because the loss of the key has resulted in the loss of confidentiality or integrity of the data.

Answer: D

Question 4

According to the Personal Data Protection Commission’s (PDPC) “Guide to basic data anonymization techniques,” recently adopted by the Spanish Data Protection Agency, which of the following is NOT a valid basic anonymization technique?

A : Swapping

B : Generalization

C : Data Adjustment.

D : Attribute Suppression.

Answer: C

Question 5

Which of the following demonstrates compliance with the accountability principle found in Article 5, Section 2 of the GDPR?

A : Anonymizing special categories of data.

B : nducting regular audits of the data protection program.

C : tting consent from the data subject for a cross border data transfer.

D : crypting data in transit and at rest using strong encryption algorithms.

Answer: B