Microstrategy Privacy Shield Compliant Practice Exam, Exams of Technology

This course provides training on Privacy Shield compliance for MicroStrategy Cloud. Participants will learn data protection, privacy policies, cross-border data transfers, and compliance verification. Labs simulate enterprise cloud privacy management.

Typology: Exams

2025/2026

Available from 12/04/2025

shilpi-jain-1
shilpi-jain-1 🇮🇳

4.2

(5)

29K documents

1 / 115

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Microstrategy Privacy Shield Compliant Practice Exam
**Question 1.** Which of the following best defines “Personal Data” under the
EUU.S. Privacy Shield framework?
A) Any information that can be linked to a natural person, directly or indirectly.
B) Only data that includes a name and address.
C) Information that is publicly available on the internet.
D) Data that is encrypted at rest.
**Answer:** A
**Explanation:** Personal Data is any information relating to an identified or
identifiable natural person, regardless of format or source.
**Question 2.** Under the Privacy Shield, “Sensitive Personal Data” includes
which of the following?
A) Email addresses.
B) Racial or ethnic origin.
C) Purchase history.
D) IP address.
**Answer:** B
**Explanation:** Sensitive Personal Data covers categories such as race, health,
genetic, or biometric data, which require higher protection.
**Question 3.** In the Privacy Shield context, who is the Data Controller?
A) MicroStrategy as the cloud service provider.
B) The enduser of a MicroStrategy report.
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f
pf20
pf21
pf22
pf23
pf24
pf25
pf26
pf27
pf28
pf29
pf2a
pf2b
pf2c
pf2d
pf2e
pf2f
pf30
pf31
pf32
pf33
pf34
pf35
pf36
pf37
pf38
pf39
pf3a
pf3b
pf3c
pf3d
pf3e
pf3f
pf40
pf41
pf42
pf43
pf44
pf45
pf46
pf47
pf48
pf49
pf4a
pf4b
pf4c
pf4d
pf4e
pf4f
pf50
pf51
pf52
pf53
pf54
pf55
pf56
pf57
pf58
pf59
pf5a
pf5b
pf5c
pf5d
pf5e
pf5f
pf60
pf61
pf62
pf63
pf64

Partial preview of the text

Download Microstrategy Privacy Shield Compliant Practice Exam and more Exams Technology in PDF only on Docsity!

Question 1. Which of the following best defines “Personal Data” under the EU‑U.S. Privacy Shield framework? A) Any information that can be linked to a natural person, directly or indirectly. B) Only data that includes a name and address. C) Information that is publicly available on the internet. D) Data that is encrypted at rest. Answer: A Explanation: Personal Data is any information relating to an identified or identifiable natural person, regardless of format or source. Question 2. Under the Privacy Shield, “Sensitive Personal Data” includes which of the following? A) Email addresses. B) Racial or ethnic origin. C) Purchase history. D) IP address. Answer: B Explanation: Sensitive Personal Data covers categories such as race, health, genetic, or biometric data, which require higher protection. Question 3. In the Privacy Shield context, who is the Data Controller? A) MicroStrategy as the cloud service provider. B) The end‑user of a MicroStrategy report.

C) The MicroStrategy customer that determines the purposes of processing. D) The EU data protection authority. Answer: C Explanation: The Data Controller decides why and how personal data is processed; in this scenario, it is the MicroStrategy customer. Question 4. Which principle requires that organizations give individuals notice about how their data will be used? A) Choice B) Notice C) Accountability for Onward Transfer D) Recourse Answer: B Explanation: The Notice principle mandates clear communication to data subjects about collection, use, and disclosure. Question 5. The “Choice” principle primarily provides individuals with which right? A) To demand data deletion. B) To opt‑out of certain data disclosures or uses. C) To receive compensation for misuse. D) To audit the data processor. Answer: B

Question 8. The “Data Integrity and Purpose Limitation” principle mandates that data must be: A) Collected for any future purpose. B) Accurate, complete, and used only for the notified purpose. C) Shared with all employees. D) Kept indefinitely. Answer: B Explanation: Data must be relevant, accurate, and processed only for the purpose disclosed to the data subject. Question 9. Which right is covered by the “Access” principle? A) The right to delete data. B) The right to receive a copy of one’s personal data and correct it. C) The right to sue the processor. D) The right to request data encryption. Answer: B Explanation: Access allows individuals to obtain and amend their personal data. Question 10. Under the “Recourse, Enforcement, and Liability” principle, an individual can: A) File a complaint with the U.S. Department of Commerce. B) Directly sue the EU data protection authority.

C) Request a data breach notification only after 30 days. D) Modify the privacy policy themselves. Answer: A Explanation: Individuals may submit complaints to the U.S. Department of Commerce or the FTC for enforcement. Question 11. In MicroStrategy, which component is used to enforce row‑level security? A) Object Security Lists (OSL). B) Data Security Filters. C) Report Scheduler. D) Data Import Wizard. Answer: B Explanation: Data Security Filters restrict attribute element visibility, implementing row‑level security. Question 12. Which MicroStrategy feature helps mask personally identifiable information in reports? A) Data Load Manager. B) Data Masking Engine. C) Attribute Substitution. D) Data Anonymization Transformation. Answer: D

Question 15. In the context of MicroStrategy Cloud (MCE), “Onward Transfer” most directly refers to: A) Data moving from the customer’s on‑premises system to MicroStrategy’s cloud. B Data being sent from MicroStrategy to its sub‑processors (e.g., AWS). C) Data being exported to a CSV file by an end‑user. D) Data replication within the same data center. Answer: B Explanation: Onward Transfer covers the processor’s transfer of data to sub‑processors, requiring equivalent protections. Question 16. Which certification demonstrates that MicroStrategy’s cloud environment meets recognized security standards relevant to Privacy Shield? A) PCI‑DSS. B) SOC 2 Type II. C) HIPAA. D) ISO 9001. Answer: B Explanation: SOC 2 Type II assesses controls related to security, availability, processing integrity, confidentiality, and privacy. Question 17. To comply with the “Security” principle, MicroStrategy must ensure encryption _____ for data in transit. A) Only for data larger than 1 GB.

B) Using TLS 1.2 or higher for all communications. C) Only when users access from outside the corporate network. D) Only for backup files. Answer: B Explanation: TLS 1.2+ provides strong encryption for data in transit, satisfying the Security principle. Question 18. Which MicroStrategy component can be used to monitor who accessed which data objects, supporting audit requirements? A) Platform Analytics. B) Report Builder. C) Data Import Wizard. D) Mobile App Designer. Answer: A Explanation: Platform Analytics tracks usage, providing logs for audit and compliance verification. Question 19. Under the “Choice” principle, how should a MicroStrategy‑enabled application present opt‑out options? A) Hidden in the terms of service. B) Clearly visible and easily actionable within the user interface. C) Only via a phone call to support. D) Through a third‑party website.

Explanation: A DPA details how personal data will be processed, protected, and the obligations of each party. Question 22. Which MicroStrategy feature helps enforce the “Access” principle by allowing users to request a copy of their data? A) Data Export Scheduler. B) Self‑service Data Subject Access Request (DSAR) portal. C) Report Scheduler. D) Mobile Push Notification. Answer: B Explanation: A DSAR portal enables individuals to retrieve their personal data directly, supporting the Access right. Question 23. In the event of a data breach, which timeline is required by the Privacy Shield for notifying the affected EU data subjects? A) Within 72 hours of discovery. B) Within 30 days of discovery. C) Within 7 days of discovery. D) No specific timeline is mandated. Answer: A Explanation: Though not a GDPR requirement, the Privacy Shield encourages prompt notification, often interpreted as within 72 hours.

Question 24. Which of the following is a key difference between “On‑premises MicroStrategy” and “MicroStrategy Cloud (MCE)” regarding the “Accountability for Onward Transfer” principle? A) On‑premises never uses sub‑processors. B) Cloud deployments involve third‑party infrastructure providers, requiring additional contractual safeguards. C) On‑premises automatically satisfies all Privacy Shield requirements. D) Cloud deployments do not need to provide access logs. Answer: B Explanation: Cloud services rely on sub‑processors (e.g., AWS) that must be bound by equivalent privacy commitments. Question 25. Which of the following best illustrates a violation of the “Purpose Limitation” principle? A) Using collected email addresses solely for sending newsletters as disclosed. B) Re‑using customer purchase data for targeted advertising without informing the customers. C) Deleting data after the retention period expires. D) Encrypting data at rest. Answer: B Explanation: Using data for a purpose not disclosed to the data subject breaches purpose limitation.

B) Privacy notice or policy that explains data collection, use, and sharing. C) Service Level Agreement (SLA). D) Software license agreement. Answer: B Explanation: A privacy notice informs data subjects about how their personal data is handled. Question 29. Which of the following is an example of a “Sensitive Personal Data” element that must receive heightened protection in MicroStrategy reports? A) Customer’s favorite color. B) Employee health information. C) Product SKU. D) Transaction timestamp. Answer: B Explanation: Health information is classified as sensitive and requires stricter safeguards. Question 30. When configuring firewall rules for MicroStrategy Cloud, which principle is being addressed? A) Choice. B) Security – protecting data from unauthorized network access. C) Data Integrity. D) Recourse.

Answer: B Explanation: Firewalls limit exposure, aligning with the Security principle. Question 31. Which MicroStrategy tool can generate a data lineage map to support compliance audits? A) Data Import Wizard. B) Metadata Manager. C) Report Builder. D) Mobile App Designer. Answer: B Explanation: Metadata Manager tracks data flow from source to reports, facilitating lineage documentation. Question 32. The “right to be forgotten” is primarily associated with which regulation, not directly with Privacy Shield? A) GDPR. B) HIPAA. C) CCPA. D) PCI‑DSS. Answer: A Explanation: GDPR includes the right to erasure; Privacy Shield does not explicitly codify it.

B) Restricting the data rows a user can see based on attribute values. C) Encrypting each row individually. D) Deleting rows that contain personal data. Answer: B Explanation: Row‑level security filters data at the attribute element level, limiting visibility per user. Question 36. Which of the following activities would satisfy the “Recourse” principle for a data subject who believes their data was misused? A) Filing a complaint with the European Data Protection Board. B) Submitting a grievance to the U.S. Department of Commerce or the FTC. C) Posting a public complaint on social media. D) Requesting a refund from MicroStrategy. Answer: B Explanation: The Privacy Shield provides mechanisms for individuals to file complaints with U.S. authorities. Question 37. In MicroStrategy, which object type typically stores the definition of a security filter? A) Cube. B) Report. C) Attribute. D) Security Filter (object).

Answer: D Explanation: Security Filters are distinct objects that define row‑level access rules. Question 38. Which of the following is a core requirement of the “Security” principle regarding incident response? A) Ignoring minor incidents. B) Maintaining a documented breach response plan and notifying the controller promptly. C) Waiting 90 days before investigating. D) Only notifying internal staff. Answer: B Explanation: A documented response plan and timely notification are essential to mitigate breach impact. Question 39. Which of the following helps ensure “Data Integrity” when a MicroStrategy user modifies a fact table? A) Disabling all constraints. B) Enabling transaction logging and audit trails. C) Allowing direct SQL updates without logging. D) Using temporary tables only. Answer: B

Question 42. Which of the following best illustrates “purpose‑compatible” onward transfer? A) Sending personal data to a marketing sub‑processor without informing the data subject. B) Transferring employee payroll data to a payroll‑processing sub‑processor after notifying the employees. C) Sharing customer addresses with a public website. D) Exporting analytical data to an unrestricted data lake. Answer: B Explanation: The transfer aligns with the original purpose (payroll) and the subjects are informed, satisfying purpose compatibility. Question 43. Which MicroStrategy feature can be used to automatically encrypt data fields before they are written to the data warehouse? A) Data Masking Transformation in Data Import. B) Visual Insight Designer. C) Report Scheduler. D) Mobile App Builder. Answer: A Explanation: Data masking transformations can apply encryption or tokenization during import.

Question 44. Which of the following is a required element of a privacy notice under the “Notice” principle? A. The exact IP address of every server used. B. The categories of personal data collected. C. The internal salary of the data protection officer. D. The number of employees in the organization. Answer: B Explanation: Notices must disclose the types of data collected, among other key details. Question 45. Under the “Choice” principle, which mechanism is considered acceptable for obtaining consent to share data with a third‑party? A. Implicit consent through website navigation. B. Clear, affirmative opt‑in checkbox that is not pre‑checked. C. A hidden field in the HTML form. D. Verbal agreement recorded in an audio file. Answer: B Explanation: Explicit, un‑pre‑checked opt‑in meets the standard for meaningful choice. Question 46. Which of the following actions would directly support the “Security” principle in a MicroStrategy deployment? A. Disabling multi‑factor authentication for admin accounts.