Free IAPP CIPP-E Exam Questions

Question 1

An online company's privacy practices vary due to the fact that it offers a wide variety of services. How could it best address the concern that explaining them all would make the policies incomprehensible?

A : a layered privacy notice on its website and in its email communications.

B : entify uses of data in a privacy notice mailed to the data subject.

C : ovide only general information about its processing activities and offer a toll-free number for more information.

D : ace a banner on its website stipulating that visitors agree to its privacy policy and terms of use by visiting the site.

Answer: B

Question 2

Through a combination of hardware failure and human error, the decryption key for a bank’s customer account transaction database has been lost. An investigation has determined that this was not the result of hacking or malfeasance, simply an unfortunate combination of circumstances. Which of the following accurately indicates the nature of this incident?

A : A data breach has not occurred because the loss was not the result of hacking.

B : A data breach has not occurred because no data was exposed to any unauthorized individual.

C : A data breach has occurred because the loss of the key has resulted in the data no longer being accessible.

D : A data breach has occurred because the loss of the key has resulted in the loss of confidentiality or integrity of the data.

Answer: D

Question 3

What is the most frequently used mechanism for legitimizing cross-border data transfer?

A : andard Contractual Clauses.

B : proved Code of Conduct.

C : nding Corporate Rules

D : rogations

Answer: A

Question 4

According to the Personal Data Protection Commission’s (PDPC) “Guide to basic data anonymization techniques,” recently adopted by the Spanish Data Protection Agency, which of the following is NOT a valid basic anonymization technique?

A : Swapping

B : Generalization

C : Data Adjustment.

D : Attribute Suppression.

Answer: C

Question 5