Free IAPP CIPP-E Exam Questions

Become IAPP Certified with updated CIPP-E exam questions and correct answers

Page: 1 / 64

Total 320 Questions | Updated On: Jul 22, 2020

Add To Cart

Question 1

What is the key difference between the European Council and the Council of the European Union?

A : Council of the European Union is helmed by a president.

B : Council of the European Union has a degree of legislative power.

C : European Council focuses primarily on issues involving human rights.

D : European Council is comprised of the heads of each EU member state.

Answer: D

Question 2

According to the Personal Data Protection Commission’s (PDPC) “Guide to basic data anonymization techniques,” recently adopted by the Spanish Data Protection Agency, which of the following is NOT a valid basic anonymization technique?

A : Swapping

B : Generalization

C : Data Adjustment.

D : Attribute Suppression.

Answer: C

Question 3

A company wishes to transfer personal data to a country outside of the European Union/EEA In order to do so, they are planning an assessment of the country's laws and practices, knowing that these may impinge upon the transfer safeguards they intend to use

All of the following factors would be relevant for the company to consider EXCEPT'?

A : y onward transfers, such as transfers of personal data to a sub-processor in the same or another third country.

B : process of modernization in the third country concerned and their access to emerging technologies that rely on international transfers of personal data

C : technical, financial, and staff resources available to an authority m the third country concerned that may access the personal data to be transferred

D : contractual clauses between the data controller or processor established in the European Union/EEA and the recipient of the transfer established in the third country concerned

Answer: B

Question 4

The European Data Protection Board (EDPB) recommends measures to supplement transfer tools, in order to ensure compliance with the European Union (EU) level of personal data protection. According to these recommendations, what additional actions should be taken when a transfer to a third country is based upon an adequacy decision?

A : opt a supplementary data transfer mechanism.

B : nitor the ongoing validity of the data transfer mechanism.

C : opt technical, contractual or organizational supplementary measures.

D : nitor changes in the law or practice of the third country that would tower the level of protection of personal data

Answer: D

Question 5

Many businesses print their employees' photographs on building passes, so that employees can be identified by security staff. This is notwithstanding the fact that facial images potentially qualify as biometric data under the GOPR. Why would such practice be permitted?

A : cause use of biometric data to confirm the unique identification of data subjects benefits from an exemption.

B : Because photographs qualify as biometric data only when they undergo a "specific technical processing".

C : cause employees are deemed to have given their explicit consent when they agree to be photographed by their employer.

D : cause photographic ID is a physical security measure which is "necessary for reasons of substantial public interest".

Answer: B

Page: 1 / 64

Total 320 Questions | Updated On: Jul 22, 2020

Add To Cart