Black Friday Special - 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dm70dm

DCPP-01 DSCI certified Privacy Professional (DCPP) Questions and Answers

Questions 4

A government agency collecting biometrics of citizens can deny sharing such information with Law Enforcement Agencies (LEAs) on which of the following basis?

Options:

A.

The purpose of collecting the biometrics is different than what LEAs intent to use it for

B.

The consent of data subjects has not been taken

C.

Government agencies would share the biometrics with LEAs on one condition if LEA properly notify the citizens

D.

None of the above, as government agencies would never deny any LEA for sharing such information for the purpose of mass surveillance

Buy Now
Questions 5

A Privacy Impact Assessment (PIA) should ideally accomplish which of the following goals?

Options:

A.

To determine the risks and effects of collecting, storing and distributing personal information

B.

To evaluate processes for handling personal information for mitigating potential privacy risks

C.

To acknowledge the organization’s role in collecting personal identifiable information

D.

To comply with ISO 27001:2013 standard

Buy Now
Questions 6

A financial organization may share nonpublic information about its customers in accordance with Gramm-Leach-Bliley Act of the US. Which one of the following is the requirement?

Options:

A.

Data sharing does not require consent from the consumers.

B.

As soon as the GLBA privacy notice is disclosed initially and annually

C.

FTC permission is required

D.

Consumers' consent must be obtained first

Buy Now
Questions 7

What is not a compulsory pre-requisite before a company with headquarters in the EU transfers sensitive personal data to its Asian subsidiaries?

Options:

A.

Self-certifying to Safe Harbor practices and reporting to Federal Trade Commission

B.

Performing a risk assessment for the processing involved

C.

Data subjects are notified

D.

Assessing the country's adequacy

Buy Now
Questions 8

Which one of the following is considered as the first step of evolution in the formation of today’s concept of privacy?

Options:

A.

Fundamental civil liberty

B.

Universal declaration of human rights

C.

Right to be left alone

D.

Binding corporate rules

Buy Now
Questions 9

In India, who among the following would be the authorized legal entities to monitor and intercept communication of individuals?

Options:

A.

“Intermediaries” as defined under the IT (Amendment) Act, 2008

B.

Telecom Service Providers

C.

Intelligence and Law Enforcement Agencies

D.

Directorate of Revenue Intelligence (DRI)

Buy Now
Questions 10

Technological advancement is inevitable and the speed of change is exponential. In such a scenario, which of the following statement is not true for defining the relationship between privacy protection and technology advancement, both at individual and corporate levels?

Options:

A.

Maintaining privacy is difficult with emerging platforms and services

B.

Maintaining privacy is difficult, as exercising complete control over personal information in online environment is an uphill task

C.

Technology advancements and privacy protection are independent concepts that are not related

D.

Maintaining privacy in cyberspace becomes easier with proper use of tools and technologies

Buy Now
Questions 11

Effective 2013, HIPAA Omnibus rule applies to which of the following?

Options:

A.

Covered Entities only

B.

Business Associates only

C.

Covered Entities & Business Associates

D.

Federal Health Bodies only

Buy Now
Questions 12

Under which of the following conditions can a company in India may transfer sensitive personal information (SPI) to any other company or a person in India, or located in any other country?

Options:

A.

Transfer of information is allowed to those who ensure the same level of data protection that is adhered to by the company as provided for under the Indian laws

B.

The transfer of information is allowed only after taking approval of Chief Information Commissioner of India

C.

The transfer of information is allowed only after taking approval of DeitY (Department of Electronics & Information Technology) in India

D.

The transfer may be allowed only if it is necessary for the performance of the lawful contract or where the data subject has consented to data transfer

Buy Now
Questions 13

‘Challenging Compliance’ as a privacy principle is covered in which of the following data protection/ privacy act?

Options:

A.

Federal Data Protection Act, Germany

B.

UK Data Protection Act

C.

PIPEDA

D.

Singapore Data Protection Act

Buy Now
Questions 14

Which of the following is not required by an organization in US, resorting to EU-US Safe Harbor provisions, to transfer personal information from EU member nation to US?

Options:

A.

Adherence to the seven safe harbor principles

B.

Disclose their privacy policy publicly

C.

Sign standard contractual clauses with data exporters in EU

D.

Notify FTC of the self-certification

Buy Now
Questions 15

According to IT (Amendment) Act,2008, who should designate a grievance officer to redress grievance(s) of provider of information?

Options:

A.

Data processor

B.

Third party agency collecting personal information

C.

Body corporate, which determines the means and purpose of data processing

D.

Natural person sharing his/her information

Buy Now
Questions 16

Indian constitution does not expressly provide for the “right to privacy” to its citizens. However, there were various judicial pronouncements of the apex court which finally established the “right to privacy” as a fundamental right subsumed under Article 21 of the constitution of India. Article 21 inter alia provides and protects the __________________.

Options:

A.

Right to Life and Personal liberty

B.

Right to Opportunity

C.

Right to Freedom of Speech and Expression

D.

Right to Equality before law

Buy Now
Questions 17

Company A collects and stores information from people X & Y on behalf of company B. Which of the following statements are true?

Options:

A.

A is the data controller since it collects data directly from X & Y

B.

B is the data controller while A is the sub processor as B has outsourced the data collection and processing to A

C.

B is the data controller that uses A as data processor to collect and process data of data subjects X and Y

D.

Both A & B are data controllers since both need to maintain highest principles of data protection

Buy Now
Questions 18

Choose the correct statement:

Projects like DNA profiling, UIDAI, collection of individual’s statistics, etc.

Options:

A.

Are executed with a sole aim to ensure that privacy of individuals is maintained

B.

Have been initiated to provide services to citizens for maintaining their online privacy only

C.

Have raised the need for a comprehensive privacy legislation at national level

D.

Have enforced a privacy legislation at national level

Buy Now
Exam Code: DCPP-01
Exam Name: DSCI certified Privacy Professional (DCPP)
Last Update: Nov 17, 2024
Questions: 122

PDF + Testing Engine

$49.5  $164.99

Testing Engine

$37.5  $124.99
buy now DCPP-01 testing engine

PDF (Q&A)

$31.5  $104.99
buy now DCPP-01 pdf
dumpsmate guaranteed to pass
24/7 Customer Support

DumpsMate's team of experts is always available to respond your queries on exam preparation. Get professional answers on any topic of the certification syllabus. Our experts will thoroughly satisfy you.

Site Secure

mcafee secure

TESTED 24 Nov 2024