Docsity
Docsity

Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity


Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan


Guidelines and tips
Guidelines and tips

CIPP/E IAPP Practice Questions & Answers 2023/2024 LATEST, Exams of Information Technology

Practice questions and answers related to data protection milestones, European Council, Council of the EU, European Commission, personal data, GDPR, privacy notices, security measures, and more. The questions cover various aspects of data protection and privacy laws and regulations in the EU. useful for students and professionals preparing for CIPP/E IAPP certification exams or seeking to improve their knowledge of data protection and privacy laws in the EU.

Typology: Exams

2022/2023

Available from 11/18/2023

eloy-hermann
eloy-hermann 🇺🇸

1

(1)

2K documents

1 / 128

Toggle sidebar

Related documents


Partial preview of the text

Download CIPP/E IAPP Practice Questions & Answers 2023/2024 LATEST and more Exams Information Technology in PDF only on Docsity!

CIPP/E IAPP

Practice Questions

& Answers

2023/2024 LATEST//

 Which of the following data protection milestones is a treaty among member states of the Council of Europe:  -Data Retention Directive  -Charter of Fundamental Rights

 -Convention 108  -e-Privacy Directive  -GDPR - ✔️✔️ Convention 108  Which of the following data protection milestones applies to public electronics communications services and networks?  -Data Retention Directive  -Charter of Fundamental Rights  -Convention 108

 -e-Privacy Directive  -GDPR - ✔️✔️ e-Privacy Directive  The Universal Declaration of Human Rights is a product of which institution?  -The United Nations  -The Council of Europe  -The European Union - ✔️✔️ The United Nations

 Which European institutions is composed of 47 member states?  -The Council of Europe  -The European Union  -The European Economic Area - ✔️✔️ The Council of Europe  Chose the characteristic that describes the European Parliament.  -Is responsible for legislative development, supervisory oversight

of other institutions, and development of the budget  -Defines the EU priorities and sets the political direction for the EU. - ✔️✔️ Defines the EU priorities and sets the political direction for the EU  Choose the characteristic that describes the European Council.  -Sets the overall political agenda of the EU

 -Negotiates and adopts laws - ✔️✔️ Sets the overall political agenda of the EU.  Choose the characteristic that describes the Council of the EU  -Is sometimes described as the executive body of the EU  -Is one of the main decision-making bodies of the EU - ✔️✔️ Is one of the

main decision making bodies of the EU.  Choose the characteristic that describes the European Commission.  -Has the power to propose legislation  -Is composed of a directly elected body - ✔️✔️ Has the power to propose legislation

 Choose the characteristic that describes the Court of Justice of the EU  -Makes decisions on issues of EU law  -Is based in Strasbourg - ✔️✔️ Makes decisions on issues of EU law.  What is the function of the 4 step test?

 -Determine if data qualifies as personal data  -Determine i personal data is anonymous  -Determine if personal date belongs to special categories  -Determine if personal data is pseudonymous. - ✔️✔️ Determine if data qualifies as personal data

 Which criteria are used to identify personal data? Select all that apply  -natural person  -an identified or identifiable  -any information  -relating to oor anonymous - ✔️✔️ All EXCEPT "or anonymous

 Select the types of personal data elements that belong to special categories under the GDPR.  -Personal data revealing religious or philosophical beliefs  -Data relating to personal interests and hobbies  -Data concerning health  -Personal data revealing political opinions

 -Personal data revealing financial information  -Genetic data used to uniquely identify a natural person - ✔️✔️ All EXCEPT  -personal interests and hobbies  -financial information  True or False: Personal data either belongs to special categories or does

not. There is no grey area. - ✔️✔️ False  True or False: Anonymising personal data is always possible. - ✔️✔️ False  True or false: Pseudonymous data is protected by the GDPR. - ✔️✔️ True  True or false: A data controller may be a natural person or a legal entity,

while a data processor must be a legal entity. - ✔️✔️ False  True or false: a contract protects a processor from being held to the same legal obligations as the controller. - ✔️✔️ False  True or False: A processor may decide wehre and how to process personal data. - ✔️✔️ False

 True or false: When personal data is being processed, there is always a controller. - ✔️✔️ True  What is data processing:  -Any action involved in securing and protecting data  -Any action performed upon data  -Any action involved in collecting personal data

 -Any action that adapts or alters data. - ✔️✔️ Any action performed upon data.  What are the criteria used to determine the territorial scope of the GDPR: Select all that apply.  -Processing of personal data of EU subjects relating to offering goods or services or monitoring behaviour

 -Processing of personal data by a controller not established in the EU but in a place where member state law applies  -Processing of personal data when a controller or processor is established in the EU - ✔️✔️ All.  Which of the following fall under the material scope of the GDPR? Select all that apply.

 -processing personal data without human intervention  -processing anonymous data  -Processing personal data that forms part of a filing system. - ✔️✔️ All EXCEPT anonymous data  Exclusions to the material scope of GDPR should be interpreted broadly. True or false? - ✔️✔️ False

 True or false: At least three of the legitimate processing criteria within the GDPR must ve met for personal data to be processed legally. - ✔️✔️ False  Read the following and select all the GDPR principles that have been violated: An access control system used by an organization's

maintenance team for building security is later used by a manager in a different department to determine if employees are arriving late for work. The employees are not informed of this new processing action, and the manager does not create consistent records of the processing activities.  -Integrity and confidentiality  -Accountability

 -Data quality and accuracy - ✔️✔️ This violates  -Integrity and confidentiality  Accountability  Which legitimate processing criteria is commonly used when a customer purchases a good or service?  -Consent  -Vital interests  -Contract - ✔️✔️ Contract

 Which exception to the prohibition on processing special categories of data must be explicit?  -Vital interests  -Publicly available data  -Consent - ✔️✔️ Consent  Select all that are potential solutions to lengthy privacy notices.

 -Key notices  -Standardized Icons  -Terms of Agreement  -Just in time notices  -Layered privacy notices - ✔️✔️ All EXCEPT  -Key notices  -Terms of Agreement

 True of False: A controller may charge an administrative fee to data subjects if they request that the information provision be in oral format. - ✔️✔️ False  Privacy notices should use visualisation where appropriate. True or false? - ✔️✔️ True

 True or false: Information provided to data subjects about the processing of their personal data should be written in clear and plain language that is understandable. - ✔️✔️ True  True or false: The transparency principle states that detail is more important that conciseness in a privacy notice. - ✔️✔️ False