
ISACA CDPSE認定試験問題集には122練習テスト問題があります
最新CDPSE試験問題集には高得点で一発合格
ISACA CDPSE 認定試験の出題範囲:
| トピック | 出題範囲 |
|---|---|
| トピック 1 |
|
| トピック 2 |
|
| トピック 3 |
|
| トピック 4 |
|
| トピック 5 |
|
| トピック 6 |
|
| トピック 7 |
|
| トピック 8 |
|
| トピック 9 |
|
質問 42
Which of the following should be done FIRST when developing an organization-wide strategy to address data privacy risk?
- A. Gather privacy requirements from legal counsel.
- B. Obtain executive support.
- C. Create a comprehensive data inventory.
- D. Develop a data privacy policy.
正解: C
質問 43
Which of the following MUST be available to facilitate a robust data breach management response?
- A. An inventory of affected individuals and systems
- B. Best practices to obfuscate data for processing and storage
- C. Lessons learned from prior data breach responses
- D. An inventory of previously impacted individuals
正解: C
質問 44
When configuring information systems for the communication and transport of personal data, an organization should:
- A. implement the least restrictive mode.
- B. enable essential capabilities only.
- C. review configuration settings for compliance.
- D. adopt the default vendor specifications.
正解: C
質問 45
An email opt-in form on a website applies to which privacy principle?
- A. Accuracy
- B. Integrity
- C. Transparency
- D. Consent
正解: D
質問 46
Which of the following is the PRIMARY objective of privacy incident response?
- A. To mitigate the impact of privacy incidents
- B. To reduce privacy risk to the lowest possible level
- C. To ensure data subjects impacted by privacy incidents are notified.
- D. To optimize the costs associated with privacy incidents
正解: A
質問 47
Which of the following deployed at an enterprise level will MOST effectively block malicious tracking of user Internet browsing?
- A. Domain name system (DNS) sinkhole
- B. Desktop antivirus software
- C. Web application firewall (WAF)
- D. Website URL blacklisting
正解: C
質問 48
Which of the following should be done FIRST to address privacy risk when migrating customer relationship management (CRM) data to a new system?
- A. Perform a privacy impact assessment (PIA).
- B. Obtain consent from data subjects.
- C. Develop a data migration plan.
- D. Conduct a legitimate interest analysis (LIA).
正解: C
質問 49
Which of the following should an IT privacy practitioner do FIRST following a decision to expand remote working capability to all employees due to a global pandemic?
- A. Enforce multi-factor authentication for remote access.
- B. Implement a virtual private network (VPN) tool.
- C. Evaluate the impact resulting from this change.
- D. Revisit the current remote working policies.
正解: D
質問 50
Which of the following should be done FIRST to establish privacy to design when developing a contact-tracing application?
- A. Identify privacy controls for the application.
- B. Conduct a development environment review.
- C. Conduct a privacy impact assessment (PIA).
- D. Identify differential privacy techniques.
正解: D
質問 51
Which of the following is the MOST important consideration when using advanced data sanitization methods to ensure privacy data will be unrecoverable?
- A. Regulatory compliance requirements
- B. Subject matter expertise
- C. Location of data
- D. Type of media
正解: A
質問 52
Which of the following is the MOST important consideration when determining retention periods for personal data?
- A. Notice provided to customers during data collection
- B. Data classification standards
- C. Sectoral best practices for the industry
- D. Storage capacity available for retained data
正解: C
質問 53
Which party should data subject contact FIRST if they believe their personal information has been collected and used without consent?
- A. Outside privacy counsel
- B. Data protection authorities
- C. Privacy rights advocate
- D. The organization's chief privacy officer (CPO)
正解: B
質問 54
Which of the following is the BEST way to protect the privacy of data stored on a laptop in case of loss or theft?
- A. Strong authentication controls
- B. Regular backups
- C. Endpoint encryption
- D. Remote wipe
正解: D
質問 55
Which of the following system architectures BEST supports anonymity for data transmission?
- A. Front-end
- B. Peer-to-peer
- C. Client-server
- D. Plug-in-based
正解: C
質問 56
An organization's data destruction guidelines should require hard drives containing personal data to go through which of the following processes prior to being crushed?
- A. Degaussing
- B. Low-level formatting
- C. Hammer strike
- D. Remote partitioning
正解: B
質問 57
When a government's health division established the complete privacy regulation for only the health market, which privacy protection reference model is being used?
- A. Self-regulatory
- B. Comprehensive
- C. Co-regulatory
- D. Sectoral
正解: B
質問 58
A global financial institution is implementing data masking technology to protect personal data used for testing purposes in non-production environments. Which of the following is the GREATEST challenge in this situation?
- A. Data masking tools are complex and difficult to implement.
- B. Personal data across the various interconnected systems cannot be easily identified.
- C. Complex relationships within and across systems must be retained for testing.
- D. Access to personal data is not strictly controlled in development and testing environments.
正解: A
質問 59
Which of the following should be established FIRST before authorizing remote access to a data store containing personal data?
- A. Multi-factor authentication
- B. Network security standard
- C. Virtual private network (VPN)
- D. Privacy policy
正解: D
質問 60
Which of the following is an IT privacy practitioner's BEST recommendation to reduce privacy risk before an organization provides personal data to a third party?
- A. Tokenization
- B. Anonymization
- C. Aggregation
- D. Encryption
正解: B
質問 61
Which of the following is the BEST way to limit the organization's potential exposure in the event of consumer data loss while maintaining the traceability of the data?
- A. Use a unique hashing algorithm.
- B. Encrypt the data at rest.
- C. De-identify the data.
- D. Require a digital signature.
正解: D
質問 62
Which of the following is the PRIMARY reason that organizations need to map the data flows of personal data?
- A. To determine data integration gaps
- B. To evaluate effectiveness of data controls
- C. To comply with regulations
- D. To assess privacy risks
正解: D
質問 63
Which of the following is the PRIMARY benefit of implementing policies and procedures for system hardening?
- A. It eliminates attack motivation for data.
- B. It reduces external threats to data.
- C. It reduces exposure of data.
- D. It increases system resiliency.
正解: B
質問 64
Which of the following is the BEST way for an organization to limit potential data exposure when implementing a new application?
- A. Use only the data required by the application.
- B. Capture the application's authentication logs.
- C. Encrypt all data used by the application.
- D. Implement a data loss prevention (DLP) system.
正解: D
質問 65
Which of the following is the PRIMARY reason to complete a privacy impact assessment (PIA)?
- A. To comply with consumer regulatory requirements
- B. To understand privacy risks
- C. To establish privacy breach response procedures
- D. To classify personal data
正解: A
質問 66
Which of the following features should be incorporated into an organization's technology stack to meet privacy requirements related to the rights of data subjects to control their personal data?
- A. Allowing individuals to have direct access to their data
- B. Providing system engineers the ability to search and retrieve data
- C. Establishing a data privacy customer service bot for individuals
- D. Allowing system administrators to manage data access
正解: A
解説:
Any organization collecting information about EU residents is required to operate with transparency in collecting and using their personal information. Chapter III of the GDPR defines eight data subject rights that have become foundational for other privacy regulations around the world:
Right to access personal data. Data subjects can access the data collected on them.
質問 67
......
無料提供中CDPSEブレーン問題集とCDPSEリアル試験問題を試そう:https://jp.fast2test.com/CDPSE-premium-file.html
ISACA CDPSE実際の問題とブレーン問題集:https://drive.google.com/open?id=18pRgYEm9jCp7vgu5XaAA6HNLEz5E3GqU