لا تريد أن تفوت شيئا؟

نصائح اجتياز امتحان الشهادة

آخر أخبار الامتحانات ومعلومات الخصم

برعاية وحديثة من قبل خبرائنا

نعم، أرسل لي النشرة الإخبارية

خذ اختبارات أخرى عبر الإنترنت
السؤال #1
In 2014, Google was alleged to have violated the Family Educational Rights and Privacy Act (FERPA) through its Apps for Education suite of tools. For what specific practice did students sue the company?
A. Scanning emails sent to and received by students
B. Making student education records publicly available
C. Relying on verbal consent for a disclosure of education records
D. Disclosing education records without obtaining required consent
عرض الإجابة
اجابة صحيحة: B
السؤال #2
A large online bookseller decides to contract with a vendor to manage Personal Information (PI). What is the least important factor for the company to consider when selecting the vendor?
A. The vendor’s reputation
B. The vendor’s financial health
C. The vendor’s employee retention rates
D. The vendor’s employee training program
عرض الإجابة
اجابة صحيحة: B
السؤال #3
What was the basis for the "TrustSg" mark, which was designed to build confidence in e-commerce transactions before the PDPA was enacted?
A. The Fair Information Practice Principles
B. The Model Data Protection Code
C. The Electronic Transactions Act
D. The 1995 European Directive
عرض الإجابة
اجابة صحيحة: A
السؤال #4
What does NOT need to be considered when determining the retention schedule for sensitive personal data?
A. Business needs
B. Amount of data
C. Storage capacity
D. Regulatory requirements
عرض الإجابة
اجابة صحيحة: A
السؤال #5
Which provision of Hong Kong's Personal Data (Privacy) Ordinance (PDPO) strengthens the purpose limitation principle (DPP3)?
A. Notice; because the data subject must be provided with the purpose of the collection
B. Public domain; because the data subjects must agree to the purpose before their information is made publicly available
C. Prescribed consent; because the data subject must give express consent to their personal information being used for additional purposes
D. Finality; because the purpose for collection of personal information from the subject must be directly related to a function of the collector
عرض الإجابة
اجابة صحيحة: A
السؤال #6
Which of the following federal agencies does NOT enforce the Disposal Rule under the Fair and Accurate Credit Transactions Act (FACTA)?
A. The Office of the Comptroller of the Currency
B. The Consumer Financial Protection Bureau
C. The Department of Health and Human Services
D. The Federal Trade Commission
عرض الإجابة
اجابة صحيحة: C
السؤال #7
Under India's IT Rules 2011, data subjects have the right to correct inaccuracies in personal information collected about them only if? D.
A. They are also the providers of the information
B. They confirm their consent to maintain the information
C. They are able to prove the legitimacy of the corrections
D. They request the corrections within a specified amount of time
عرض الإجابة
اجابة صحيحة: A
السؤال #8
SCENARIO – Please use the following to answer the next question: Bharat Medicals is an established retail chain selling medical goods, with a presence in a number of cities throughout India. Their strategic partnership with major hospitals in these cities helped them capture an impressive market share over the years. However, with lifestyle and demographic shifts in India, the company saw a huge opportunity in door-to-door delivery of essential medical products. The need for such a service was confirmed by
A. Prescription details
B. Location data
C. Nationality
D. Religion
عرض الإجابة
اجابة صحيحة: D
السؤال #9
Both Sections 72 and 72A of India's IT Act 2000 involve unauthorized access of personal information. One main difference between the sections is that 72A does what?
A. Stipulates that disclosure has to have occurred
B. Specifies imprisonment as a possible penalty
C. Adds a provision about wrongful loss or gain
D. Includes the concept of consent
عرض الإجابة
اجابة صحيحة: C
السؤال #10
SCENARIO – Please use the following to answer the next question: Dracarys Inc. is a large multinational company with headquarters in Seattle, Washington, U.S.A. Dracarys began as a small company making and selling women's clothing, but rapidly grew through its early innovative use of online platforms to sell its products. Dracarys is now one of the biggest names in the industry, and employs staff across the globe, and in Asia has employees located in both Singapore and Hong Kong. Due to recent management re
A. That the vendor submits for approval from Dracarys a privacy notice explaining how personal data will be protected under the Indian Information Technology Act
B. That the vendor files requests for transfer of personal data out of India through the offices of the privacy commissioners of Hong Kong and Singapore
C. That the vendor is bound by legally enforceable obligations to provide the personal data a standard of protection that is at least comparable to the protection under the Singapore PDPA
D. That the vendor adheres to the same sector privacy rules followed by Dracarys headquarters based in Seattle regarding the transfer of personal data
عرض الإجابة
اجابة صحيحة: B
السؤال #11
Which of the following is NOT excluded from the scope of Singapore's Do Not Call registry?
A. Messages that promote investment opportunities
B. Messages that conduct market research
D. Messages from political candidates
عرض الإجابة
اجابة صحيحة: B
السؤال #12
SCENARIO – Please use the following to answer the next question: Bharat Medicals is an established retail chain selling medical goods, with a presence in a number of cities throughout India. Their strategic partnership with major hospitals in these cities helped them capture an impressive market share over the years. However, with lifestyle and demographic shifts in India, the company saw a huge opportunity in door-to-door delivery of essential medical products. The need for such a service was confirmed by
A. It must have a privacy policy on its website describing its data processing practices
B. It must obtain consent from Bharat Medicals consumers before processing their data
C. It must process Bharat Medicals' consumer data only according to agreed contractual terms
D. It must protect any unauthorized access any of Bharat Medicals consumer data that it obtained
عرض الإجابة
اجابة صحيحة: C
السؤال #13
In Hong Kong's revised Breach Guidance Note of 2015, what course of action did the Commissioner recommend that companies take immediately after experiencing a breach?
A. Proceed under the assumption that the breach is a threat to personal safety
B. Enlist the aid of law enforcement to determine the cause of the breach
C. Quickly issue a notification to the data subjects affected by the breach
D. Immediately gather essential information in relation to the breach
عرض الإجابة
اجابة صحيحة: A
السؤال #14
How are the scope of Singapore's Personal Data Protection Act and the scope of India's IT Rules similar?
A. They only apply to the private sector
B. They allow exemptions for military personnel
C. They apply to controllers and processors alike
D. They impose obligations on individuals acting in a domestic capacity
عرض الإجابة
اجابة صحيحة: D
السؤال #15
Which jurisdiction must courts have in order to hear a particular case?
A. Subject matter jurisdiction and regulatory jurisdiction
B. Subject matter jurisdiction and professional jurisdiction
C. Personal jurisdiction and subject matter jurisdiction
D. Personal jurisdiction and professional jurisdiction
عرض الإجابة
اجابة صحيحة: C
السؤال #16
In June 2011, the Hong Kong Privacy Commissioner determined that data subject consent is NOT valid if it is what?
A. Provided by the data subject solely in verbal form
B. Used for a directly related but separate purpose
C. Bundled with other terms of the agreement
D. Intended for direct marketing purposes
عرض الإجابة
اجابة صحيحة: A
السؤال #17
What emerged as the main reason for creating a comprehensive data protection law when Singapore ministers met between 2005 and 2011?
A. To control increasing technological threats
B. To raise Singapore's human rights standing
C. To limit the scope of governmental surveillance
D. To enhance Singapore's economic competitiveness
عرض الإجابة
اجابة صحيحة: D
السؤال #18
In Hong Kong, which of the following are exempt from personal data access requests until after the project to which the data is related has been concluded?
A. Hospital administrators
B. Financial institutions
C. News organizations
D. Non-profit groups
عرض الإجابة
اجابة صحيحة: C
السؤال #19
Which of the following describes the most likely risk for a company developing a privacy policy with standards that are much higher than its competitors?
A. Being more closely scrutinized for any breaches of policy
B. Getting accused of discriminatory practices
C. Attracting skepticism from auditors
D. Having a security system failure
عرض الإجابة
اجابة صحيحة: B
السؤال #20
According to Section 5 of the FTC Act, self-regulation primarily involves a company’s right to do what?
A. Determine which bodies will be involved in adjudication
B. Decide if any enforcement actions are justified
C. Adhere to its industry’s code of conduct
D. Appeal decisions made against it
عرض الإجابة
اجابة صحيحة: B
السؤال #21
What important action should a health care provider take if the she wants to qualify for funds under the Health Information Technology for Economic and Clinical Health Act (HITECH)?
A. Make electronic health records (EHRs) part of regular care
B. Bill the majority of patients electronically for their health care
C. Send health information and appointment reminders to patients electronically
D. Keep electronic updates about the Health Insurance Portability and Accountability Act
عرض الإجابة
اجابة صحيحة: A
السؤال #22
Which Hong Kong body has recommended legislation that provides for the right of civil action to be taken when private information is publicly disclosed?
A. Hong Kong's Court of Final Appeal
B. Hong Kong Law Reform Commission
C. Office of the Privacy Commissioner for Personal Data
D. Standing Committee of the National People's Congress of the PRC
عرض الإجابة
اجابة صحيحة: C
السؤال #23
SCENARIO – Please use the following to answer the next question: Dracarys Inc. is a large multinational company with headquarters in Seattle, Washington, U.S.A. Dracarys began as a small company making and selling women's clothing, but rapidly grew through its early innovative use of online platforms to sell its products. Dracarys is now one of the biggest names in the industry, and employs staff across the globe, and in Asia has employees located in both Singapore and Hong Kong. Due to recent management re
A. The Indian Information Technology Act of 2000
B. The Hong Kong guide to monitoring personal data privacy at work
C. The Hong Kong Code of Practice on Human Resource Management
عرض الإجابة
اجابة صحيحة: C
السؤال #24
In which situation would a policy of “no consumer choice” or “no option” be expected?
A. When a job applicant’s credit report is provided to an employer
B. When a customer’s financial information is requested by the government
C. When a patient’s health record is made available to a pharmaceutical company
D. When a customer’s street address is shared with a shipping company
عرض الإجابة
اجابة صحيحة: B
السؤال #25
The “Consumer Privacy Bill of Rights” presented in a 2012 Obama administration report is generally based on?
A. The 1974 Privacy Act
B. Common law principles
C. European Union Directive
D. Traditional fair information practices
عرض الإجابة
اجابة صحيحة: A
السؤال #26
Which European-influenced safeguard was NOT included in Hong Kong or Singapore's personal data protection acts, but was subsequently adopted as a consideration in regulatory guidelines?
A. Controls on automated decision making
B. Additional protection for sensitive personal data
C. Legitimate interest as a legal basis for processing
D. Notice requirements when data is collected from third parties
عرض الإجابة
اجابة صحيحة: D
السؤال #27
SCENARIO – Please use the following to answer the next question: Bharat Medicals is an established retail chain selling medical goods, with a presence in a number of cities throughout India. Their strategic partnership with major hospitals in these cities helped them capture an impressive market share over the years. However, with lifestyle and demographic shifts in India, the company saw a huge opportunity in door-to-door delivery of essential medical products. The need for such a service was confirmed by
A. The patient cannot purchase medications from Bharat Medicals
B. The hospital has the right to refuse withdrawal of consent since it has a partnership with Bharat Medicals
C. The hospital will obtain the necessary medications from Bharat Medicals and provide them directly to patient
D. The patient can buy medications from Bharat Medicals by uploading prescription to the Bharat Medicals website
عرض الإجابة
اجابة صحيحة: A
السؤال #28
In Singapore, a potential employer can collect all of the following data on an individual in the pre-employment phase EXCEPT?
A. Postings from social media websites
B. Information from a background check
C. Information about the individual's children
D. The individual's university attendance records
عرض الإجابة
اجابة صحيحة: A
السؤال #29
What is the main reason some supporters of the European approach to privacy are skeptical about self-regulation of privacy practices?
A. A large amount of money may have to be sent on improved technology and security
B. Industries may not be strict enough in the creation and enforcement of rules
C. A new business owner may not understand the regulations
D. Human rights may be disregarded for the sake of privacy
عرض الإجابة
اجابة صحيحة: A
السؤال #30
In addition to adhering to the data export principle of section 43A of India's IT Act 2000, data exporters in India must also follow principles of?
A. Privity of contract
B. Disclosure limitation
C. Mandatory registration
D. Third party assessment
عرض الإجابة
اجابة صحيحة: D
السؤال #31
Based on the model contract released by the Privacy Commissioner for Personal Data (PDPC), Hong Kong, all of the following sections are recommended to be put into a contract to address Ordinance 33 (Data transfer/export) of Hong Kong's Personal Data Privacy Ordinance (PDPO) EXCEPT?
A. Liability and indemnity
B. Exemptions and Definitions
C. Termination of the contract
D. Obligations of the Transferee
عرض الإجابة
اجابة صحيحة: A
السؤال #32
All of the following organizations are specified as covered entities under the Health Insurance Portability and Accountability Act (HIPAA) EXCEPT?
A. Healthcare information clearinghouses
B. Pharmaceutical companies
C. Healthcare providers
D. Health plans
عرض الإجابة
اجابة صحيحة: B
السؤال #33
SCENARIO – Please use the following to answer the next question: Dracarys Inc. is a large multinational company with headquarters in Seattle, Washington, U.S.A. Dracarys began as a small company making and selling women's clothing, but rapidly grew through its early innovative use of online platforms to sell its products. Dracarys is now one of the biggest names in the industry, and employs staff across the globe, and in Asia has employees located in both Singapore and Hong Kong. Due to recent management re
D. Dracarys will have employees on the ground in India managing the systems for the functions listed above
A. Breach notification
B. Data retention periods
C. Employee recruitment process
D. Data subject consent provisions
عرض الإجابة
اجابة صحيحة: C
السؤال #34
What is a legal document approved by a judge that formalizes an agreement between a governmental agency and an adverse party called?
A. A consent decree
B. Stare decisis decree
C. A judgment rider
D. Common law judgment
عرض الإجابة
اجابة صحيحة: A
السؤال #35
Under the General Data Protection Regulation (GDPR), European Union member states may be allowed to transfer personal data to the United States in some cases. Which of the following could NOT be used as a legitimate means of doing this?
A. A consent derogation
B. A certification mechanism
C. The Safe Harbor Framework
D. Binding Corporate Rules (BCR)
عرض الإجابة
اجابة صحيحة: C
السؤال #36
All of the following are tasks in the “Discover” phase of building an information management program EXCEPT?
A. Facilitating participation across departments and levels
B. Developing a process for review and update of privacy policies
C. Deciding how aggressive to be in the use of personal information
D. Understanding the laws that regulate a company’s collection of information
عرض الإجابة
اجابة صحيحة: C
السؤال #37
SCENARIO Please use the following to answer the next question: A US-based startup company is selling a new gaming application. One day, the CEO of the company receives an urgent letter from a prominent EU-based retail partner. Triggered by an unresolved complaint lodged by an EU resident, the letter describes an ongoing investigation by a supervisory authority into the retailer’s data handling practices. The complainant accuses the retailer of improperly disclosing her personal data, without consent, to par
A. As a data supervisor
B. As a data processor
C. As a data controller
D. As a data manager
عرض الإجابة
اجابة صحيحة: A

عرض الإجابات بعد التقديم

يرجى إرسال البريد الإلكتروني الخاص بك والواتس اب للحصول على إجابات الأسئلة.

ملحوظة: يرجى التأكد من صلاحية معرف البريد الإلكتروني وWhatsApp حتى تتمكن من الحصول على نتائج الاختبار الصحيحة.

بريد إلكتروني:
رقم الواتس اب/الهاتف:


Copyright © 2024. Designer by SPOTO Official Website. All Rights Reserved.