Summer Sale Special - 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dm70dm

DCPP-01 Questions and Answers

Question # 4

A government agency collecting biometrics of citizens can deny sharing such information with Law Enforcement Agencies (LEAs) on which of the following basis?

A.

The purpose of collecting the biometrics is different than what LEAs intent to use it for

B.

The consent of data subjects has not been taken

C.

Government agencies would share the biometrics with LEAs on one condition if LEA properly notify the citizens

D.

None of the above, as government agencies would never deny any LEA for sharing such information for the purpose of mass surveillance

Full Access
Question # 5

A Privacy Impact Assessment (PIA) should ideally accomplish which of the following goals?

A.

To determine the risks and effects of collecting, storing and distributing personal information

B.

To evaluate processes for handling personal information for mitigating potential privacy risks

C.

To acknowledge the organization’s role in collecting personal identifiable information

D.

To comply with ISO 27001:2013 standard

Full Access
Question # 6

A financial organization may share nonpublic information about its customers in accordance with Gramm-Leach-Bliley Act of the US. Which one of the following is the requirement?

A.

Data sharing does not require consent from the consumers.

B.

As soon as the GLBA privacy notice is disclosed initially and annually

C.

FTC permission is required

D.

Consumers' consent must be obtained first

Full Access
Question # 7

What is not a compulsory pre-requisite before a company with headquarters in the EU transfers sensitive personal data to its Asian subsidiaries?

A.

Self-certifying to Safe Harbor practices and reporting to Federal Trade Commission

B.

Performing a risk assessment for the processing involved

C.

Data subjects are notified

D.

Assessing the country's adequacy

Full Access
Question # 8

Which one of the following is considered as the first step of evolution in the formation of today’s concept of privacy?

A.

Fundamental civil liberty

B.

Universal declaration of human rights

C.

Right to be left alone

D.

Binding corporate rules

Full Access
Question # 9

In India, who among the following would be the authorized legal entities to monitor and intercept communication of individuals?

A.

“Intermediaries” as defined under the IT (Amendment) Act, 2008

B.

Telecom Service Providers

C.

Intelligence and Law Enforcement Agencies

D.

Directorate of Revenue Intelligence (DRI)

Full Access
Question # 10

Technological advancement is inevitable and the speed of change is exponential. In such a scenario, which of the following statement is not true for defining the relationship between privacy protection and technology advancement, both at individual and corporate levels?

A.

Maintaining privacy is difficult with emerging platforms and services

B.

Maintaining privacy is difficult, as exercising complete control over personal information in online environment is an uphill task

C.

Technology advancements and privacy protection are independent concepts that are not related

D.

Maintaining privacy in cyberspace becomes easier with proper use of tools and technologies

Full Access
Question # 11

Effective 2013, HIPAA Omnibus rule applies to which of the following?

A.

Covered Entities only

B.

Business Associates only

C.

Covered Entities & Business Associates

D.

Federal Health Bodies only

Full Access
Question # 12

Under which of the following conditions can a company in India may transfer sensitive personal information (SPI) to any other company or a person in India, or located in any other country?

A.

Transfer of information is allowed to those who ensure the same level of data protection that is adhered to by the company as provided for under the Indian laws

B.

The transfer of information is allowed only after taking approval of Chief Information Commissioner of India

C.

The transfer of information is allowed only after taking approval of DeitY (Department of Electronics & Information Technology) in India

D.

The transfer may be allowed only if it is necessary for the performance of the lawful contract or where the data subject has consented to data transfer

Full Access
Question # 13

‘Challenging Compliance’ as a privacy principle is covered in which of the following data protection/ privacy act?

A.

Federal Data Protection Act, Germany

B.

UK Data Protection Act

C.

PIPEDA

D.

Singapore Data Protection Act

Full Access
Question # 14

Which of the following is not required by an organization in US, resorting to EU-US Safe Harbor provisions, to transfer personal information from EU member nation to US?

A.

Adherence to the seven safe harbor principles

B.

Disclose their privacy policy publicly

C.

Sign standard contractual clauses with data exporters in EU

D.

Notify FTC of the self-certification

Full Access
Question # 15

According to IT (Amendment) Act,2008, who should designate a grievance officer to redress grievance(s) of provider of information?

A.

Data processor

B.

Third party agency collecting personal information

C.

Body corporate, which determines the means and purpose of data processing

D.

Natural person sharing his/her information

Full Access
Question # 16

Indian constitution does not expressly provide for the “right to privacy” to its citizens. However, there were various judicial pronouncements of the apex court which finally established the “right to privacy” as a fundamental right subsumed under Article 21 of the constitution of India. Article 21 inter alia provides and protects the __________________.

A.

Right to Life and Personal liberty

B.

Right to Opportunity

C.

Right to Freedom of Speech and Expression

D.

Right to Equality before law

Full Access
Question # 17

Company A collects and stores information from people X & Y on behalf of company B. Which of the following statements are true?

A.

A is the data controller since it collects data directly from X & Y

B.

B is the data controller while A is the sub processor as B has outsourced the data collection and processing to A

C.

B is the data controller that uses A as data processor to collect and process data of data subjects X and Y

D.

Both A & B are data controllers since both need to maintain highest principles of data protection

Full Access
Question # 18

Choose the correct statement:

Projects like DNA profiling, UIDAI, collection of individual’s statistics, etc.

A.

Are executed with a sole aim to ensure that privacy of individuals is maintained

B.

Have been initiated to provide services to citizens for maintaining their online privacy only

C.

Have raised the need for a comprehensive privacy legislation at national level

D.

Have enforced a privacy legislation at national level

Full Access
dumpsmate guaranteed to pass
24/7 Customer Support

DumpsMate's team of experts is always available to respond your queries on exam preparation. Get professional answers on any topic of the certification syllabus. Our experts will thoroughly satisfy you.

Site Secure

mcafee secure

TESTED 08 Jun 2023