Online CIPT Practice TestMore IAPP Products >

Free IAPP CIPT Exam Dumps Questions

IAPP CIPT: Certified Information Privacy Technologist

- Get instant access to CIPT practice exam questions

- Get ready to pass the Certified Information Privacy Technologist exam right now using our IAPP CIPT exam package, which includes IAPP CIPT practice test plus an IAPP CIPT Exam Simulator.

- The best online CIPT exam study material and preparation tool is here.

4.5

(4995 ratings)

Question 1

What has been found to undermine the public key infrastructure system?

A. Man-in-the-middle attacks.

B. Inability to track abandoned keys.

C. Disreputable certificate authorities.

D. Browsers missing a copy of the certificate authority's public key.

Correct Answer:D

Question 2

Which of the following does NOT illustrate the ‘respect to user privacy’ principle?

A. Implementing privacy elements within the user interface that facilitate the use of technology by any visually-challenged users.

B. Enabling Data Subject Access Request (DSARs) that provide rights for correction, deletion, amendment and rectification of personal information.

C. Developing a consent management self-service portal that enables the data subjects to review the details of consent provided to an organization.

D. Filing breach notification paperwork with data protection authorities which detail the impact to data subjects.

Correct Answer:D

Question 3

Which of the following statements describes an acceptable disclosure practice?

A. An organization’s privacy policy discloses how data will be used among groups within the organization itself.

B. With regard to limitation of use, internal disclosure policies override contractual agreements with third parties.

C. Intermediaries processing sensitive data on behalf of an organization require stricter disclosure oversight than vendors.

D. When an organization discloses data to a vendor, the terms of the vendor’ privacy notice prevail over the organization’ privacy notice.

Correct Answer:A

Question 4

What logs should an application server retain in order to prevent phishing attacks while minimizing data retention?

A. Limited-retention, de-identified logs including only metadata.

B. Limited-retention, de-identified logs including the links clicked in messages as well as metadata.

C. Limited-retention logs including the identity of parties sending and receiving messages as well as metadata.

D. Limited-retention logs including the links clicked in messages, the identity of parties sending and receiving them, as well as metadata.

Correct Answer:B

Question 5

Which of the following would best improve an organization’ s system of limiting data use?

A. Implementing digital rights management technology.

B. Confirming implied consent for any secondary use of data.

C. Applying audit trails to resources to monitor company personnel.

D. Instituting a system of user authentication for company personnel.

Correct Answer:C

Question 6

SCENARIO
Clean-Q is a company that offers house-hold and office cleaning services. The company receives requests from consumers via their website and telephone, to book cleaning services. Based on the type and size of service, Clean-Q then contracts individuals that are registered on its resource database - currently managed in-house by Clean-Q IT Support. Because of Clean-Q's business model, resources are contracted as needed instead of permanently employed.
The table below indicates some of the personal information Clean-Q requires as part of its business operations:
CIPT dumps exhibit
Clean-Q has an internal employee base of about 30 people. A recent privacy compliance exercise has been conducted to align employee data management and human resource functions with applicable data protection regulation. Therefore, the Clean-Q permanent employee base is not included as part of this scenario.
With an increase in construction work and housing developments, Clean-Q has had an influx of requests for cleaning services. The demand has overwhelmed Clean-Q's traditional supply and demand system that has caused some overlapping bookings.
Ina business strategy session held by senior management recently, Clear-Q invited vendors to present potential solutions to their current operational issues. These vendors included Application developers and Cloud-Q’s solution providers, presenting their proposed solutions and platforms.
The Managing Director opted to initiate the process to integrate Clean-Q's operations with a cloud solution (LeadOps) that will provide the following solution one single online platform: A web interface that Clean-Q accesses for the purposes of resource and customer management. This would entail uploading resource and customer information.
CIPT dumps exhibit A customer facing web interface that enables customers to register, manage and submit cleaning service requests online.
A resource facing web interface that enables resources to apply and manage their assigned jobs.
An online payment facility for customers to pay for services.
Considering that LeadOps will host/process personal information on behalf of Clean-Q remotely, what is an
appropriate next step for Clean-Q senior management to assess LeadOps' appropriateness?

A. Nothing at this stage as the Managing Director has made a decision.

B. Determine if any Clean-Q competitors currently use LeadOps as a solution.

C. Obtain a legal opinion from an external law firm on contracts management.

D. Involve the Information Security team to understand in more detail the types of services and solutions LeadOps is proposing.

Correct Answer:D

START CIPT EXAM