Download DSCI certified Privacy Professional.DCPP-01.PracticeTest.2020-06-03.54q.vcex

Vendor: DSCI
Exam Code: DCPP-01
Exam Name: DSCI certified Privacy Professional
Date: Jun 03, 2020
File Size: 37 KB
Download Exam

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Download
ProfExam Simulator

Purchase
Coupon: EXAM_HUB

Discount: 20%

ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator ProfExam Simulator

Demo Questions

Question 1
APEC privacy framework envisages common principles such as Notice, Collection limitation, Use Limitation, Access and Correction, Security/Safeguards, and Accountability. But it differs from the EU Data Protection Directive in which of the below aspect? 
  1. APEC privacy framework does not deal with the usage of personal information
  2. APEC privacy framework does not mandate the binding treaties or directives for member countries
  3. APEC privacy framework does not have a provision for co-operation between privacy enforcement agencies of members
  4. APEC privacy framework does not deal with e-commerce
Correct answer: B
Question 2
A multinational company with operations in several parts within EU and outside EU, involves international data transfer of both its employees and customers. In some of its EU branches, which are relatively larger in size, the organization has a works council. Most of the data transferred is personal, and some of the data that the organization collects is sensitive in nature, the processing of some of which is also outsourced to its branches in Asian countries. 
Which of the following are not mandatory pre-requisite before transferring sensitive personal data to its Asian branches?
  1. Notifying the data subject
  2. Conducting risk assessment for the processing involved
  3. Determining adequacy status of the country
  4. Self-certifying to Safe Harbor practices and reporting to Federal Trade Commission
Correct answer: D
Question 3
A multinational company with operations in several parts within EU and outside EU, involves international data transfer of both its employees and customers. In some of its EU branches, which are relatively larger in size, the organization has a works council. Most of the data transferred is personal, and some of the data that the organization collects is sensitive in nature, the processing of some of which is also outsourced to its branches in Asian countries. 
For the outsourced work of its customers’ data processing, in order to initiate data transfer to another organizations outside EU, which is the most appropriate among the following?
  1. The vendor (data importer) in the third country, and not the exporter is responsible to put in place suitable model contractual clauses, and hence the exporter does not need to take any action.
  2. Since the data is processed by the vendor outside the EU, the EU directive does not apply and hence there are no legal concerns
  3. The data exporter needs to initiate model contractual clauses after obtaining approvals from data protection commissioner and have the vendor be a signatory on the same as data importer
  4. The data importer need to notify about the transfer to data protection commissioner in the destination country and exporter need to similarly notify in the EU country of origin
Correct answer: D
Question 4
With reference to APEC privacy framework, when personal information is to be transferred to another person or organization, whether domestically or internationally, “the ______________ should obtain the consent of the individual and exercise due diligence and take reasonable steps to ensure that the recipient person or organization will protect the information consistently with APEC information privacy principles”.
  1. Personal Information Owner
  2. Personal Information Controller
  3. Personal Information Processor
  4. Personal Information Auditor
Correct answer: B
Explanation:
Reference: https://iapp.org/news/a/gdpr-matchup-the-apec-privacy-framework-and-cross-border-privacy-rules/
Reference: https://iapp.org/news/a/gdpr-matchup-the-apec-privacy-framework-and-cross-border-privacy-rules/
Question 5
Which of the following statements are true about the privacy statement of an organization?
  1. Content of the online privacy statement of an organization will depend upon the applicable laws, and may need to address requirements across geographical boundaries and legal jurisdictions
  2. As per privacy laws generally it is mandatory to mention the phone contact details of the owner of organization in the online privacy statement where customers can reach out in case of a grievance or incident
  3. Online privacy statement is an instrument to demonstrate to stakeholders how the organization gathers, uses, discloses, and manages personal data
  4. India’s Information Technology (Amendment) Act, 2008 does not require that privacy policy be published on the website
Correct answer: A
Explanation:
Reference: https://en.wikipedia.org/wiki/Privacy_policy
Reference: https://en.wikipedia.org/wiki/Privacy_policy
Question 6
Please select the incorrect statement in context of “Online Privacy”:
  1. A person’s act of ‘Selective disclosure” (of themselves) in an online environment
  2. A person’s concern over usage of information that were collected during an online activity
  3. A person’s control over collection of information during an online activity
  4. A person’s concern on the software licensing agreement they sign with any organization
Correct answer: C
Question 7
Select the element(s) of APEC cross border privacy rules system from the following list:
i. self-assessment 
ii. compliance review 
iii. recognition/acceptance by APEC members 
iv. dispute resolution and enforcement 
Please select correct option:
  1. i, ii and iii
  2. ii, iii, and iv
  3. i, iii and iv
  4. i, ii, iii and iv
Correct answer: C
Question 8
A ministry under government of India plans to collect citizens’ information related to their education, medical condition, economic status, caste and religion. As per the privacy requirements mentioned under Sec 43A of IT (Amendment) Act, 2008, the citizens’ ‘Consent’ would be mandatory for which of the following elements before their collection?
  1. Educational records
  2. Medical condition
  3. Caste and religion
  4. Sec 43A may not be applicable
Correct answer: B
Question 9
XYZ is a successful startup that acquired a respectable size & scale of operations in last 3 years, handling business process services for small & medium scale enterprises, largely in US & Europe. They are at the stage of closing a deal with a new banking client and working out the details of privacy related obligations in contract. Ensuring effective enforcement of which of the below listed privacy principles is client’s accountability, even after outsourcing its loan approval process to XYZ?
I. Notice
II. Choice and Consent
III. Collection Limitation
IV. Use Limitation
V. Access and Correction
VI. Security
VII. Disclosure to third Party
Please select the correct set of principles from below listed options:
  1. None of the above, since they are outsourcing the work to XYZ who will carry the liability going forward
  2. All except V and VI
  3. All except III
  4. All of the above listed privacy principles
Correct answer: C
Question 10
Which of the following categories of information are generally protected under privacy laws?
  1. Personally Identifiable Information (PII)
  2. Sensitive Personal Information (SPI)
  3. Trademark, copyright and patent information
  4. Organizations’ confidential business information
Correct answer: A
Explanation:
CONNECT US
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!