Download DSCI certified Privacy Professional.DCPP-01.ExamLabs.2020-04-06.37q.vcex

Vendor: DSCI
Exam Code: DCPP-01
Exam Name: DSCI certified Privacy Professional
Date: Apr 06, 2020
File Size: 25 KB
Download Exam

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase
Coupon: EXAM_HUB

Discount: 20%

ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator

Demo Questions

Question 1
APEC privacy framework envisages common principles such as Notice, Collection limitation, Use Limitation, Access and Correction, Security/Safeguards, and Accountability. But it differs from the EU Data Protection Directive in which of the below aspect?
  1. APEC privacy framework does not deal with the usage of personal information
  2. APEC privacy framework does not mandate the binding treaties or directives for member countries
  3. APEC privacy framework does not have a provision for co-operation between privacy enforcement agencies of members
  4. APEC privacy framework does not deal with e-commerce
Correct answer: B
Question 2
A multinational company with operations in several parts within EU and outside EU, involves international data transfer of both its employees and customers. In some of its EU branches, which are relatively larger in size, the organization has a works council. Most of the data transferred is personal, and some of the data that the organization collects is sensitive in nature, the processing of some of which is also outsourced to its branches in Asian countries. 
For exporting EU branch employees’ data to Asian Countries for processing, which of the following instruments could be used for legal data transfer?
  1. Customized contracts mandating ISO 27001 certification by the data processor
  2. Standard Contractual Clauses
  3. Binding Corporate Rules
  4. Safe Harbor
Correct answer: D
Question 3
A multinational company with operations in several parts within EU and outside EU, involves international data transfer of both its employees and customers. In some of its EU branches, which are relatively larger in size, the organization has a works council. Most of the data transferred is personal, and some of the data that the organization collects is sensitive in nature, the processing of some of which is also outsourced to its branches in Asian countries. 
For the outsourced work of its customers’ data processing, in order to initiate data transfer to another organizations outside EU, which is the most appropriate among the following?
  1. The vendor (data importer) in the third country, and not the exporter is responsible to put in place suitable model contractual clauses, and hence the exporter does not need to take any action.
  2. Since the data is processed by the vendor outside the EU, the EU directive does not apply and hence there are no legal concerns
  3. The data exporter needs to initiate model contractual clauses after obtaining approvals from data protection commissioner and have the vendor be a signatory on the same as data importer
  4. The data importer need to notify about the transfer to data protection commissioner in the destination country and exporter need to similarly notify in the EU country of origin
Correct answer: D
Question 4
With reference to APEC privacy framework, when personal information is to be transferred to another person or organization, whether domestically or internationally, “the ______________ should obtain the consent of the individual and exercise due diligence and take reasonable steps to ensure that the recipient person or organization will protect the information consistently with APEC information privacy principles”.
  1. Personal Information Owner
  2. Personal Information Controller
  3. Personal Information Processor
  4. Personal Information Auditor
Correct answer: B
Explanation:
Reference: https://iapp.org/news/a/gdpr-matchup-the-apec-privacy-framework-and-cross-border-privacy-rules/
Reference: https://iapp.org/news/a/gdpr-matchup-the-apec-privacy-framework-and-cross-border-privacy-rules/
Question 5
From the below listed options, identify the new privacy principle that is being advocated in proposed EU General Data Protection Regulation?
  1. Right to be informed prior to sharing of data
  2. Right to modify data
  3. Right to be forgotten
  4. Right to object data collection and processing
Correct answer: C
Question 6
With respect to ‘Data Minimization’ privacy principle, please select the correct statements from the following:
  1. Right to object by the data subject for minimizing the collection of personal information
  2. Data controllers should limit the amount of data collected to what is directly relevant and necessary to accomplish a specified purpose
  3. Data controllers should retain the data only for as long as is necessary to fulfil the purpose for which it was collected
  4. Process of analyzing and minimizing the collected data into useful information
Correct answer: A
Question 7
For negligence in implementing and maintaining the reasonable security practices and procedures for protecting Sensitive Personal Data or Information (SPDI) as mentioned in Section 43A and associated rules under IT (Amendment) Act, 2008, a corporate entity may be liable to pay compensation of up to___________
  1. Rs. 50,000,000
  2. Rs. 500,000,000
  3. Rs. 5,000,000
  4. Upper limit not defined
Correct answer: D
Explanation:
Reference: https://shodhganga.inflibnet.ac.in/bitstream/10603/164562/3/chapter%20ii.pdf
Reference: https://shodhganga.inflibnet.ac.in/bitstream/10603/164562/3/chapter%20ii.pdf
Question 8
‘Challenging Compliance’ as a privacy principle is covered in which of the following data protection/ privacy act?
  1. Federal Data Protection Act, Germany (BDSG)
  2. UK Data Protection Act, 2018
  3. Personal Information Protection and Electronic Documents Act (PIPEDA)
  4. Singapore Data Protection Act, 2012
Correct answer: C
Question 9
Please select the incorrect statement in context of “Online Privacy”:
  1. A person’s act of ‘Selective disclosure” (of themselves) in an online environment
  2. A person’s concern over usage of information that were collected during an online activity
  3. A person’s control over collection of information during an online activity
  4. A person’s concern on the software licensing agreement they sign with any organization
Correct answer: C
Question 10
Complete the sentence:
The Gramm-Leach-Bliley Act (GLBA) of US regulates the privacy practices adopted by financial institutions, requiring them to provide adequate security of the customer records. It lays various obligations on the financial institutions but allows such financial institutions to share the non-public information of customers (after properly notifying their consumers in a manner mentioned in the Act) with
  1. Its affiliates only after obtaining explicit consent from the consumers
  2. Its affiliates without need for obtaining explicit consent from the consumers for sharing their data
  3. Its affiliates after disclosure in initial and annual GLBA privacy notices
  4. Its affiliates after obtaining explicit permission of Federal Trade Commission
Correct answer: A
CONNECT US
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!