CIPP/US Exam Questions with 100% Correct Answers | Verified | Updated 2024, Exams of Advanced Education


Typology: Exams

2023/2024

Available from 07/17/2024

professoraxel


Partial preview of the text

ADA - Correct Answer-Americans with Disabilities Act (ADA)
Antidiscrimination Laws - Correct Answer-US federal laws that prohibit discrimination in employment and have sometimes been used to limit background checks.
Background Screening - Correct Answer-Pre-employment review of criminal, commercial and financial records of an individual or org, regulated by federal and state laws.
Bring Your Own Device (BYOD) - Correct Answer-Strategy allowing employees to use their personal computing devices for work purposes. Benefits include more flexibility, efficiency and productivity in employee work schedules; challenges are primarily security-based as employers lack control over employee devices.
CFPB - Correct Answer-Consumer Financial Protection Bureau
Common Law - Correct Answer-Legal principles that have developed over time in judicial decisions (case law), often drawing on social customs and expectations
Consent Decree - Correct Answer-Judgement entered by consent of the parties (a federal or state agency and an adverse party) whereby the defendant agrees to stop alleged illegal activity, typically without admitting guilt or wrongdoing.
CRA - Correct Answer-Consumer Reporting Agency
Consumer Reporting Agency (CRA) - Correct Answer-Person / entity that compiles or evaluates personal information for the purpose of furnishing consumer reports to third parties for a fee.
Defamation - Correct Answer-Any act or communication intending to harm the reputation of another as to lower him in the estimation of the community or to deter third persons from associating or dealing with him.
GPEN - Correct Answer-Global Privacy Enforcement Network
Global Privacy Enforcement Network - Correct Answer-Est. 2010 by FTC and enforcement authorities around the world. Promotes cross-border info sharing as well as investigation and enforcement cooperation among privacy authorities globally.
Gramm-Leach Bliley Act - Correct Answer-AKA Financial Services Modernization Act of 1999. US Federal law controlling way that financial institutions deal with private information of individuals.
Health Information - Correct Answer-Any info related to past, present or future physical / mental condition, provision of health care or payment for health care for an individual.
HIPAA - Correct Answer-Health Insurance Portability and Accountability Act of 1996
Health Insurance Portability and Accountability Act of 1996 - Correct Answer-US law passed to create national standards for electronic healthcare transactions, and other things. Required US Department of Health and Human Services (DHHS) to create regs to protect personal health information.
What's the basic rule of HIPAA? - Correct Answer-Patients must opt-in BEFORE their info can be shared with other orgs-- some exceptions for treatment, payment and healthcare options.
NLRB - Correct Answer-National Labor Relations Board
National Labor Relations Board - Correct Answer-Independent agency of US gov't responsible for investigating and remedying unfair labor practices.
NSL - Correct Answer-National Security Letter
National Security Letter - Correct Answer-Category of subpoena generally issued to seek records considered relevant to protect against international terrorism or clandestine intelligence activities.
Negligence - Correct Answer-Failure to exercise the care that a reasonably prudent person would exercise in like circumstances, leading to unintended harm.
OECD - Correct Answer-Organization for Economic Co-operation and Development
Org for Economic Co-operation and Development - Correct Answer-Multinational org with the goal of creating policies that contribute to the economic, environmental and social well-being of its member countries.
PCI DSS - Correct Answer-Payment Card Industry Data Security Standard
Payment Card Industry Data Security Standard - Correct Answer-Set of rules developed by the PCI DSS Council to provide enforceable security standard for payment card data.
PHI - Correct Answer-Personal Health Information
industries where employee has diminished expectation of privacy / where testing is critical to public safety or nat'l security.
Reasonable suspicion - Correct Answer-Criteria for substance testing in an employment-setting
Redaction - Correct Answer-Practice of identifying and removing / blocking info from docs being produced pursuant to a discovery request / evidence in a court proceeding.
Sedona Conference - Correct Answer-Nonprofit research & educational institute responsible for est of standards and best practices for managing electronic discovery compliance through data retention policies.
Stored Communications - Correct Answer-Category of data prohibited from unauthorized acquisition, alteration or blocking while stored in facility through which electronic acquisition, alteration / blocking while stored ...
Whistleblower Protection Act - Correct Answer-
Statutes - Correct Answer-Local, state or federal laws that have been enacted by Congress
Regulations - Correct Answer-Published by regulatory agencies (FTC; Federal Trade Commission)
Case Law - Correct Answer-Decisions published by the courts
What are the three branches of Government? - Correct Answer-Executive Branch, Legislative Branch, Judicial Branch
What is the Function, Make up, Checks & Balances of the Executive Branch? - Correct Answer-Function: Enforcement of laws. Made up of: President, Vice-President, Cabinet, Federal Agencies. Checks & Balances: President appoints Federal Judges, President able to veto laws passed by Congress
What is the Function, Make up, Checks & Balances of the Legislative Branch? - Correct Answer-Function: Creation of laws. Made up of: Congress (House & Senate). Checks & Balances: Congress confirms any presidential appointees, Congress can override presidential vetoes
What is the Function, Make up, Checks & Balances of the Judicial Branch? - Correct Answer-Function: Interpretation of laws. Made up of: Federal Courts. Checks & Balances: Determines if laws are constitutional
What are the sources of law in the US? - Correct Answer-Statutes, regulations, case law, common law
How is a law analyzed? - Correct Answer-1. Why does this law exist? 2. Who is covered? 3. What is covered? 4. What is required or prohibited? 5. Who enforces the law? 6. What happens if there is no compliance?
State Attorneys General - Correct Answer-Responsible for enforcement of privacy legislation
Federal Reserve System (the Fed) - Correct Answer-Central bank of the US
Who created the Fed and why? - Correct Answer-Created by Congress to provide the US with a "safer, more flexible and more stable monetary and financial system." An independent entity subject to oversight by the Congress who can alter its responsibilities by statute.
The Federal Reserve Act - Correct Answer-Enacted in 1913 due to failure of national banks to provide effective funding. Comprised of the Board of Governors in Washington and 12 Fed Reserve Banks situated throughout the US.
The National Monetary Commission - Correct Answer-Established by Congress due to a severe crisis in 1907. The commission made proposals to create an institution that would prevent financial disruptions (the Fed).
FOMC - Correct Answer-Federal Open Market Committee
Federal Open Market Committee - Correct Answer-A body established by the Federal Reserve Act to govern the system's operations. Principal source on US national monetary policy.
Role of the Federal Reserve System - Correct Answer-1) Conduct nation's monetary policy 2) Supervise and regulate banking institutions 3) Maintain stability of the financial system 4) Provide financial services to depository institutions, US government and foreign official institutions.
What's the Federal Reserve's responsibilities with regards to consumer protection? - Correct Answer-1) Writing & interpreting regulations 2) Review bank compliance w/ regs 3) Investigate complaints from the public banks compliance with consumer protection laws. 4) Address issues of state and federal jurisdiction 5) Testify before Congress on consumer protection issues. 6) Conduct community development activities.
OBA - Correct Answer-Online Behavioral Advertising
Online Behavioral Advertising - Correct Answer-Tracking of consumers' online activities in order to deliver personal advertising. Allows business to specifically target their ads towards individuals.
Self-regulatory principles for online behavioral advertisements - Correct Answer-Published by FTC and includes and provides businesses the flexibility to apply regulations.
What is a Trust Mark? - Correct Answer-Considered to be a symbol that represents an assurance of some understood message (i.e. seal of approval).
The FTC and state Attorneys General are responsible for? - Correct Answer-Enforcing federal and state laws of consumer privacy protection for Unfair or Deceptive Trade Practices (UDTP)
What happened with the state of Maine's consumer protections? - Correct Answer-Their state's consumer
Which federal agency notes that individuals' privacy rights are protected by the following: Internal Revenue Code, Privacy Act of 1974, Freedom of Information Act and IRS policies and practices? - Correct Answer-IRS
DoD - Correct Answer-Department of Defense
Which agency has a Privacy Act Statement with the following: "If you choose to provide us with personal information... we will only use that information to respond to your message or request. We will only share the information you give us with another government agency if your inquiry relates to the agency, or as otherwise required by law..." - Correct Answer-DoD
MNC - Correct Answer-Multi-National Corporation
What is an information system? - Correct Answer-A set of people, data and procedures that work together to provide useful information.
MIS - Correct Answer-Management Information System
An organization's __________________ is a system for obtaining, processing and delivering information that can be used in managing the orgs in order to improve the performance of the orgs through the implementation of IT. - Correct Answer-Management Information System (MIS)
The newfound MIS capability not only allows more timely decision making, it also does this... - Correct Answer-Enables better control of foreign subsidiaries or operations.
A security incident refers to... - Correct Answer-An adverse event in an information system and/or network, or threat of the occurrence of such an event.
________ refers to a real or perceived likelihood that the actions, decisions or behaviours of an individual, group or organization will be evaluated by some salient audience and that there exists the potential for the individual, group or org to receive either rewards or sanctions based on this expected evaluation. - Correct Answer-Accountability
______ is the process of identifying, preserving, collecting, preparing, reviewing and producing electrically stored information (ESI) within any medium or any designated tangible thing. - Correct Answer-Electronic Discovery (e-Discovery)
The conflict between US e-discovery and EU data protections means.... - Correct Answer-Many multinational companies have to choose between restricting an e-discovery or acting in breach of data protection legislation.
These regulators do NOT operate on the federal level - Correct Answer-Attorneys General (AGs)
This regulator does NOT enforce privacy and consumer protection laws - Correct Answer-Federal Communications Commission (FCC)
This regulator would conduct investigations to enforce the HIPAA Privacy Rule - Correct Answer-Department of Health and Human Services Office of Civil Rights (OCR)
The Office of the Comptroller of the Currency cannot carry out the following: - Correct Answer-Enforce Federal consumer protection laws.
This is NOT a common element of an FTC settlement agreement - Correct Answer-A relegation of responsibility to the FTC to develop an information security program.
What is a consent decree? - Correct Answer-When the FTC cites a business in violation of unfair or deceptive trade practices or violation of a specific consumer protection law. The respondent does not admit fault, but promises to change its practices.
This was the first FTC Internet privacy enforcement action - Correct Answer-GeoCities
What was the case of GeoCities about? - Correct Answer-First, it allegedly misrepresented how it would use its privacy notice. Second, it collected and maintained children's personal info without parental consent.
What was the outcome in the matter of GeoCities? - Correct Answer-The action was settled. The FTC issued a consent order which required the business to post and adhere to a conspicuous online privacy notice that disclosed to users how it would collect and use personal information. They were also required to obtain parental / guardian consent before collecting information from children 12 years of age or under.
What is the most important part of the Federal Trade Commission Act and what does it say? - Correct Answer-Section 5 - in 1914 - proscribes unfair competition and authorizes the FTC to issue orders prohibiting 'unfair methods of competition'.
What did the Wheeler-Lea Act do when it was created in 1938? - Correct Answer-Expanded FTC authority under Section 5 to include 'unfair or deceptive acts or practices.'
The act or practice causing substantial injury to consumers, consumers must not reasonably be able to avoid injury, injury must not be outweighed by other benefits to consumers or to corporate competition, public policy must be considered... all these acts or practices are deemed to be __________________. - Correct Answer-Unfair practices.
According to the FTC Act, violations of an FTC order may be punishable by fines up to: - Correct Answer-$11,000 per violation
Self-regulation can occur through these three traditional separation of powers: - Correct Answer-Legislation, enforcement and adjudication
Consent decrees are signed by - Correct Answer-The company and the FTC
In May 2002, the FTC and Eli Lilly entered into a consent decree to resolve privacy issues with their Medi-messenger service. The order required the company notify the FTC in the event of any change that may affect its compliance. Such notices were to be provided within: - Correct Answer-120 days
The fine imposed for deceptive trade practices in December 2002, when the FTC entered into a consent decree with Microsoft to resolve issues with their Passport technology was: - Correct Answer-None. The FTC did not impose a fine.
In May 2002, The FTC and Eli Lilly entered into a consent decree to resolve privacy issues with their Medi-messenger service. The fine imposed for deceptive trade practices was: - Correct Answer-None. The FTC did not impose a fine.
State AGs are able to bring actions which enforce the following legislation: - Correct Answer-State and Federal
Consumer injury does not necessarily have to result for this to be actionable: - Correct Answer-Deceptive trade practices
The FTC may not preclude/supersede state action of this independent authority: - Correct Answer-State AGs
The FTC brought complaint against Petco Inc. because: - Correct Answer-Clients' credit card info was not being appropriately protected. Petco's website was vulnerable to SQL searches, which revealed clients' credit card info.
Regarding the Nov 2014 Petco case, the FTC deemed the company's actions as deceptive, but did not allege this: - Correct Answer-Consumer injury
The FTC ordered Petco to conduct a risk assessment, which included all of the following areas of focus EXCEPT: Employee training; HR policies and practices; information systems; potential systems failures. - Correct Answer-HR policies & practices
The FTC and Petco entered into a consent decree to resolve security flaws with their web applications. Petco was ordered to carry out a third-party audit within: - Correct Answer-180 days after service of order