New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: cramtick70

DCPP-01 DSCI certified Privacy Professional (DCPP) Questions and Answers

Questions 4

Which of the following does not fall under the category of Personal Financial Information (PFI)?

Options:

A.

Credit card number with expiry date

B.

Bank account Information

C.

Loan account Information

D.

Income tax return file acknowledgement number

Buy Now
Questions 5

Which of the following privacy regulation advocates de-identification of personal information?

Options:

A.

EU Data Protection Directive

B.

Canada’s PIPEDA

C.

Australia’s ANPP

D.

IT Act of India

Buy Now
Questions 6

Indian constitution does not expressly provide for the “right to privacy” to its citizens. However, there were various judicial pronouncements of the apex court which finally established the “right to privacy” as a fundamental right subsumed under Article 21 of the constitution of India. Article 21 inter alia provides and protects the __________________.

Options:

A.

Right to Life and Personal liberty

B.

Right to Opportunity

C.

Right to Freedom of Speech and Expression

D.

Right to Equality before law

Buy Now
Questions 7

Which of the following is not required by an organization in US, resorting to EU-US Safe Harbor provisions, to transfer personal information from EU member nation to US?

Options:

A.

Adherence to the seven safe harbor principles

B.

Disclose their privacy policy publicly

C.

Sign standard contractual clauses with data exporters in EU

D.

Notify FTC of the self-certification

Buy Now
Questions 8

Which of the following legislations/ guidelines do not cover the concept of trans-border data flow?

Options:

A.

OECD

B.

IT (Amendment) Act, 2008

C.

PIPEDA

D.

None of the above

Buy Now
Questions 9

A multinational company with operations in several parts within EU and outside EU, involves international data transfer of both its employees and customers. In some of its EU branches, which are relatively larger in size, the organization has a works council. Most of the data transferred is personal, and some of the data that the organization collects is sensitive in nature, the processing of some of which is also outsourced to its branches in Asian countries.

For the outsourced work of its customers’ data processing, in order to initiate data transfer to another organizations outside EU, which is the most appropriate among the following?

Options:

A.

The vendor (data importer) in the third country, and not the exporter is responsible to put in place suitable model contractual clauses, and hence the exporter does not need to take any action.

B.

Since the data is processed by the vendor outside the EU, the EU directive does not apply and hence there are no legal concerns

C.

The data exporter needs to initiate model contractual clauses after obtaining approvals from data protection commissioner and have the vendor be a signatory on the same as data importer

D.

The data importer need to notify about the transfer to data protection commissioner in the destination country and exporter need to similarly notify in the EU country of origin

Buy Now
Questions 10

A ministry under government of India plans to collect citizens’ information related to their education, medical condition, economic status, caste and religion. As per the privacy requirements mentioned under Sec 43A of IT (Amendment) Act, 2008, the citizens’ ‘Consent’ would be mandatory for which of the following elements before their collection?

Options:

A.

Educational records

B.

Medical condition

C.

Caste and religion

D.

Sec 43A may not be applicable

Buy Now
Questions 11

Which of the following statement about Personally Identifiable Information (PII) is true?

Options:

A.

PII is necessarily a single data element, not a combination of data elements, which can uniquely identify an individual

B.

PII is a subset of Sensitive Personal Information

C.

PII is any information about a legal entity including details of its registration or any information that may allow its easy identification

D.

None of the above

Buy Now
Questions 12

If XYZ & Co. collects, stores and processes personal information of living persons, electronically in a structured filing system, then XYZ could be a:

Options:

A.

Data Processor

B.

Data Controller

C.

Data Subject

D.

Either A or B

Buy Now
Questions 13

Which of the following does not fall under the category of Sensitive Personal Data or Information as defined in the Information Technology (Reasonable Security Practices and Procedures and Sensitive Data or Information) Rules, 2011?

Options:

A.

Religious Beliefs

B.

Medical records and history

C.

Sexual orientation

D.

Password

Buy Now
Questions 14

Among the following options, which would be the most appropriate for the transfer of Personal and Sensitive data from an EU company to another organization outside the EU?

Options:

A.

The person transferring data to the destination country must inform the data protection commissioner, while the person exporting the data must notify the European Commission.

B.

This case is not covered by the EU directive.

C.

Putting in place suitable model contractual clauses is the vendor's responsibility in the third country.

D.

A data exporter needs to create model contractual clauses after obtaining approvals from the data protection commissioner.

Buy Now
Questions 15

Which among the following organizations does not issue a privacy seal?

Options:

A.

EuroPriSe

B.

BBBOnline

C.

Transaction Guard

D.

WebTrust

Buy Now
Questions 16

Privacy enhancing tools aim to allow users to take one or more of the following actions related to their personal data that is sent to, and used by online service providers, merchants or other users:

i. Increase control over their personal data

ii. Choose whether to use services anonymously or not

iii. Obtain informed consent about sharing their personal data

iv. Opt-out of behavioral advertising or any other use of data

Please select correct option from below:

Options:

A.

Only i

B.

Only i and ii

C.

All

D.

All except iii

Buy Now
Questions 17

Which of the following are needed for projects like DNA profiling, UIDAI, and statistical collection of individuals ?

Options:

A.

Established a service which guarantees citizens' privacy only online

B.

Protect the privacy of individuals

C.

The need for a comprehensive privacy legislation at national level

D.

None of the above

Buy Now
Questions 18

A company collects personal information about its employees and requests them to provide accurate information in order to avail benefits such as life insurance and medical insurance. Employees of the company have raised concerns about use of their personal information. Due to the concerns, the company has decided to create a privacy policy. What all should the company include in its privacy policy to address the raised concerns?

Options:

A.

The purpose of collection of personal data

B.

The principle of presumed consent for data disclosure to avail benefits

C.

Information about how personal information is processed and used, specifically

D.

Contact details of Law Enforcement Agencies (LEA) to whom information is disclosed

Buy Now
Exam Code: DCPP-01
Exam Name: DSCI certified Privacy Professional (DCPP)
Last Update: Dec 26, 2024
Questions: 122
DCPP-01 pdf

DCPP-01 PDF

$25.5  $84.99
DCPP-01 Engine

DCPP-01 Testing Engine

$30  $99.99
DCPP-01 PDF + Engine

DCPP-01 PDF + Testing Engine

$40.5  $134.99