.png){kind=logo}
CIPP US PRACTICE EXAM ACTUAL /
QUESTIONS WITH 100% CORRECT ANSWERS GRADED
A+/VERIFIED
- What type of malicious software uses encryption to
- Virus
- Worm
- Ransomware
- Trojan horse - ----Answers---C
- Which of the following laws includes regulations to
- Nevada SB 538
render data inaccessible to authorized users?
protect the privacy of consumer reading habits?
B. DOPPA
- The New Jersey Personal Information and Privacy
- CCPA - ----Answers---B
Protection Act
- CalECPA provides additional privacy protections for
- The education sector
- Electronic health information
- Online communications and activities
- Electronic payment transactions - ----Answers---C 1 / 4
which of the following?
- The EU's GDPR is most equivalent to which U.S.
- The Patriot Act
- The Privacy Act
- None
- The Civil Rights Act - ----Answers---C
federal law?
- Which of the following is not one of the nine
- Notice
- Integrity of personal information
- Security safeguards
- Right to be forgotten - ----Answers---D
principles of the APEC framework?
- All of the following may qualify as derogations that
may allow international data transfers of personal
information to take place under GDPR, except:
- With the consent of the data subject
- To meet the terms of a contract with the data subject
- If the information is already public
- For research purposes - ----Answers---D
- / 4
- Grafton Street Coffee Co., based in Dublin, Ireland,
- They are both data controllers.
- AdCorp is acting as a data controller/ Grafton Street
- Grafton Street Coffee is acting as a data controller
- They are both acting as data processors. - ----
has hired a neighboring business, AdCorp, to help them analyze customer preferences and send targeted marketing to drive repeat business. What legal roles are each of these businesses most likely playing when it comes to handling personal information?
Coffee is acting as a data processor.
and AdCorp is acting as a data processor.
Answers---C
- Yuping is helping a small data analytics startup
- U.S. Privacy Shield
- Standard contractual clauses
- Binding corporate rules
- APEC - ----Answers---B
- / 4
company based in the United States expand their business by offering analytics services for companies in the EU. Which of the following routes is Yuping most likely to recommend to facilitate data transfer from EU companies to the startup?
- Said's U.S.‐based company holds personal
- A failure of the U.S. Privacy Shield program
- A multinational compliance conflict
- The weakness of U.S. privacy laws
- Jurisdictional overreach by the EU - ----Answers---
information of EU data subjects. In the course of an eDiscovery request, Said is asked to turn over datasets that include this personal information. This disclosure is prohibited by the GDPR. What does this scenario illustrate?
B
- A large U.S.‐based multinational corporation wants to
- Join the U.S.‐EU Privacy Shield program
- BCRs
- SCCs
- CBPR - ----Answers---B
expand into the EU. The company wants to facilitate seamless international data transfers among its many subsidiaries operating in the United States and the EU.What approach should this company take?
- Do U.S.‐based companies have to comply with
- / 4
requests to exercise data subject rights under the
.png)