لا تريد أن تفوت شيئا؟

نصائح اجتياز امتحان الشهادة

آخر أخبار الامتحانات ومعلومات الخصم

برعاية وحديثة من قبل خبرائنا

نعم، أرسل لي النشرة الإخبارية

خذ اختبارات أخرى عبر الإنترنت
السؤال #1
Section 43A was amended by India's IT Rules 2011 to include?
A. A definition of what constitutes reasonable security practices
B. A requirement for the creation of a data protection authority
C. A list of cases in which privacy policies are not necessary
D. A clarification regarding the role of non-automated data
عرض الإجابة
اجابة صحيحة: A
السؤال #2
Section 43A of India's IT Rules 2011 requires which of the following for a privacy policy?
A. It should be available and produced on request
B. It should be published on the website of the body corporate
C. It should be emailed or faxed to data providers by the body corporate
D. It should be shown to the data provider at the time of data collection
عرض الإجابة
اجابة صحيحة: A
السؤال #3
What clarification did India make in a 2011 Press Note regarding their Sensitive Personal Data Rules?
A. That the rules apply to data subjects located outside of India
B. That the rules apply to persons or companies collecting sensitive data within India
C. That the data processor must provide notice to the data subject before data is processed
D. That sensitive personal data or information includes passwords, financial information,medical records, andbiometric information
عرض الإجابة
اجابة صحيحة: AD
السؤال #4
Which concept is NOT an element of Cross Border Privacy Rules (CBPR)?
A. Enforcement by Accountability Agents
B. Self-assessment against CBPR QUESTION NO:naire
C. Consultation with Privacy Enforcement (PE) Authority
D. Dispute resolution via the Accountability Agent's compliance program
عرض الإجابة
اجابة صحيحة: ABC
السؤال #5
In Singapore, a potential employer can collect all of the following data on an individual in the pre-employment phase EXCEPT?
A. Postings from social media websites
B. Information from a background check
C. Information about the individual's children
D. The individual's university attendance records
عرض الإجابة
اجابة صحيحة: B
السؤال #6
Which of the following is NOT excluded from the scope of Singapore's Do Not Call registry?
A. Messages that promote investment opportunities
B. Messages that conduct market research
C. Messages from charitable organizations
D. Messages from political candidates
عرض الإجابة
اجابة صحيحة: ABCD
السؤال #7
SCENARIO C Please use the following to answer the next QUESTION: Fitness For Everyone ("FFE") is a gym on Hong Kong Island that is affiliated with a network of gyms throughout Southeast Asia. When prospective members of the gym stop in, call in or submit an inquiry online, they are invited for a free trial session. At first, the gym asks prospective clients only for basic information: a full name, contact number, age and their Hong Kong ID number, so that FFE's senior trainer Kelvin can reach them to arrang
A. FFE's collection of full name from prospective clients
B. FFE affiliates' receipt of Stephen's contact information
C. FFE's collection of age and HKID from prospective clients
D. FFE's collection of Stephen's messenger cell details through Kelvin
عرض الإجابة
اجابة صحيحة: D
السؤال #8
Which of the following would NOT be exempt from Singapore’s PDPA?
A. A government automobile registration website
B. A private party room at a popular restaurant
C. A documentary filmed at a rock concert
D. A video from a store's dosed-circuit Tcorrect
عرض الإجابة
اجابة صحيحة: D
السؤال #9
SCENARIO C Please use the following to answer the next QUESTION: Zoe is the new Compliance Manager for the Star Hotel Group, which has five hotels across Hong Kong and China. On her first day, she does an inspection of the largest property, StarOne. She starts with the hotel reception desk. Zoe sees the front desk assistant logging in to a database as he is checking in a guest. The hotel manager, Bernard, tells her that all guest data, including passport numbers, credit card numbers, home address, mobile nu
A. Inform the staff that Relax Ltd can transfer the data to StarOne given they are in the same premises and guests would reasonably expect that
B. Inform the staff that Relax Ltd should not transfer the data to StarOne without a privacy notice identifying StarOne as a class of transferee
C. Inform the staff that Relax Ltd should not transfer the data to StarOne without the guest's opt-in consent to do so
D. Inform the staff that Relax Ltd can transfer the data as Section 33 is not in force
عرض الإجابة
اجابة صحيحة: C
السؤال #10
In India, the obligation to appoint a Grievance Officer applies ONLY to companies that?
A. Deal with sensitive personal data
B. Conduct cross-border data transfers
C. Are considered part of the public sector
D. Lack alternate enforcement mechanisms
عرض الإجابة
اجابة صحيحة: A
السؤال #11
Protection of which kind of personal information is NOT explicitly mentioned in the privacy laws of Hong Kong, Singapore, and India?
A. Sensitive data
B. Children's data
C. Outsourced data
D. Extraterritorial data
عرض الإجابة
اجابة صحيحة: B
السؤال #12
Which of the following principles of the OECD guidelines and Council of European Convention principles does Singapore's PDPA incorporate?
A. Disclosures to third parties included in access requests
B. Additional protections for sensitive personal data
C. The ability to opt-out from direct marketing
D. The right of deletion of data on request
عرض الإجابة
اجابة صحيحة: AC
السؤال #13
What term is defined by the European Commission to mean any data that relates to an identified or identifiable individual?
A. Personally identifiable information
B. Sensitive information
C. Personal data
D. Identified data
عرض الإجابة
اجابة صحيحة: C
السؤال #14
In the Asia-Pacific Economic Cooperation (APEC) Privacy Framework, what exception is allowed to the Access and Correction principle?
A. Paper-based records
B. Publicly-available information
C. Foreign intelligence
D. Unreasonable expense
عرض الإجابة
اجابة صحيحة: D
السؤال #15
The "due diligence" exemption in Hong Kong's PDPO was meant to apply to?
A. Third-party data processors located in foreign countries
B. Companies researching the viability of business mergers
C. Service providers hosting customer information in the cloud
D. Direct marketers acting in the best interest of their company
عرض الإجابة
اجابة صحيحة: A
السؤال #16
SCENARIO C Please use the following to answer the next QUESTION: Bharat Medicals is an established retail chain selling medical goods, with a presence in a number of cities throughout India. Their strategic partnership with major hospitals in these cities helped them capture an impressive market share over the years. However, with lifestyle and demographic shifts in India, the company saw a huge opportunity in door-to-door delivery of essential medical products. The need for such a service was confirmed by
A. It must have a privacy policy on its website describing its data processing practices
B. It must obtain consent from Bharat Medicals consumers before processing their data
C. It must process Bharat Medicals' consumer data only according to agreed contractual terms
D. It must protect any unauthorized access any of Bharat Medicals consumer data that it obtained
عرض الإجابة
اجابة صحيحة: B
السؤال #17
Under the PDPO, what are Hong Kong companies that make use of personal data required to do?
A. Appoint an official compliance officer
B. Register with the appropriate data authority
C. Honor all data subject requests for correcting personal information
D. Provide contact information of persons handling data access requests
عرض الإجابة
اجابة صحيحة: C
السؤال #18
SCENARIO C Please use the following to answer the next QUESTION: Fitness For Everyone ("FFE") is a gym on Hong Kong Island that is affiliated with a network of gyms throughout Southeast Asia. When prospective members of the gym stop in, call in or submit an inquiry online, they are invited for a free trial session. At first, the gym asks prospective clients only for basic information: a full name, contact number, age and their Hong Kong ID number, so that FFE's senior trainer Kelvin can reach them to arrang
A. From the FFE retention department, offering a special discount for reactivating membership
B. From health care services provided by Hong Kong's Hospital Authority or Department of Health
C. From an FFE affiliate that provides a mechanism to opt out of further communications by reply-texting "Ocorrect
D. "
E. From an FFE affiliate in the region Stephen was transferred to, offering services similar to those he purchased previously
عرض الإجابة
اجابة صحيحة: C
السؤال #19
How can the privacy principles issued in 1980 by the Organisation for Economic Cooperation and Development (OECD) be defined?
A. Guidelines governing the protection of privacy and trans-border data flows issued in collaboration with the Federal Trade Commission
B. Guidelines governing the protection of privacy and trans-border data flows of personal data in states that are members
C. Mandatory rules governing the protection of privacy and trans-border data flows within the European Union
D. Mandatory rules governing the protection of privacy and trans-border data flows among binding member states
عرض الإجابة
اجابة صحيحة: B
السؤال #20
Which method ensures the greatest security when erasing data that is no longer needed, according to the Hong Kong Office of the Privacy Commissioner?
A. Strip-shredding paper copies of data
B. Crosscut shredding paper copies of data
C. Deleting electronic files containing data
D. Reformatting USB memory devices containing data
عرض الإجابة
اجابة صحيحة: B
السؤال #21
Employee benefits administration, including health insurance. Dracarys will have employees on the ground in India managing the systems for the functions listed above. They have been presented with a variety of vendor options for these systems, and are currently assessing the suitability of these vendors for their needs. The CEO of Dracarys is concerned about the behavior of her employees, especially online. After having proprietary company information being shared with competitors by former employees, she i
A. Breach notification
B. Data retention periods
C. Employee recruitment process
D. Data subject consent provisions
عرض الإجابة
اجابة صحيحة: D
السؤال #22
On what group does Singapore's PDPA impose disclosure restrictions that Hong Kong and India do not?
A. Government officials
B. Children under 13
C. The deceased
D. The clergy
عرض الإجابة
اجابة صحيحة: A
السؤال #23
Employee benefits administration, including health insurance. Dracarys will have employees on the ground in India managing the systems for the functions listed above. They have been presented with a variety of vendor options for these systems, and are currently assessing the suitability of these vendors for their needs. The CEO of Dracarys is concerned about the behavior of her employees, especially online. After having proprietary company information being shared with competitors by former employees, she i
A. The Indian Information Technology Act of 2000
B. The Hong Kong guide to monitoring personal data privacy at work
C. The Hong Kong Code of Practice on Human Resource Management
D. The Singapore advisory guidelines on the personal data protection act for selected topics (employment and CCTV)
عرض الإجابة
اجابة صحيحة: A
السؤال #24
How are the scope of Singapore's Personal Data Protection Act and the scope of India's IT Rules similar?
A. They only apply to the private sector
B. They allow exemptions for military personnel
C. They apply to controllers and processors alike
D. They impose obligations on individuals acting in a domestic capacity
عرض الإجابة
اجابة صحيحة: C
السؤال #25
Which provision of Hong Kong's Personal Data (Privacy) Ordinance (PDPO) strengthens the purpose limitation principle (DPP3)?
A. Notice; because the data subject must be provided with the purpose of the collection
B. Public domain; because the data subjects must agree to the purpose before their information is made publicly available
C. Prescribed consent; because the data subject must give express consent to their personal information being used for additional purposes
D. Finality; because the purpose for collection of personal information from the subject must be directly related to a function of the collector
عرض الإجابة
اجابة صحيحة: A
السؤال #26
SCENARIO C Please use the following to answer the next QUESTION: Bharat Medicals is an established retail chain selling medical goods, with a presence in a number of cities throughout India. Their strategic partnership with major hospitals in these cities helped them capture an impressive market share over the years. However, with lifestyle and demographic shifts in India, the company saw a huge opportunity in door-to-door delivery of essential medical products. The need for such a service was confirmed by
A. The recipients of the collected data
B. The name of the body collecting the data
C. The type of safeguards protecting the data
D. The options the subject has to access his data
عرض الإجابة
اجابة صحيحة: D
السؤال #27
How can the privacy principles issued in 1980 by the Organisation for Economic Cooperation and Development (OECD) be defined?
A. Guidelines governing the protection of privacy and trans-border data flows issued in collaboration with the Federal Trade Commission
B. Guidelines governing the protection of privacy and trans-border data flows of personal data in states that are members
C. Mandatory rules governing the protection of privacy and trans-border data flows within the European Union
D. Mandatory rules governing the protection of privacy and trans-border data flows among binding member states
عرض الإجابة
اجابة صحيحة: AB
السؤال #28
SCENARIO C Please use the following to answer the next QUESTION: Zoe is the new Compliance Manager for the Star Hotel Group, which has five hotels across Hong Kong and China. On her first day, she does an inspection of the largest property, StarOne. She starts with the hotel reception desk. Zoe sees the front desk assistant logging in to a database as he is checking in a guest. The hotel manager, Bernard, tells her that all guest data, including passport numbers, credit card numbers, home address, mobile nu
A. Zoe must immediately notify all guests, the police and the Privacy Commissioner of the breach
B. Zoe does not need to do anything as there is no mandatory breach notification requirement in Hong Kong
C. Zoe must report the breach to the Privacy Commissioner and make an action plan together with the Commissioner
D. Zoe should consider if there is a real risk of harm to the guests and take appropriate action based on her assessment
عرض الإجابة
اجابة صحيحة: D
السؤال #29
Which concept is NOT an element of Cross Border Privacy Rules (CBPR)?
A. Enforcement by Accountability Agents
B. Self-assessment against CBPR questionnaire
C. Consultation with Privacy Enforcement (PE) Authority
D. Dispute resolution via the Accountability Agent's compliance program
عرض الإجابة
اجابة صحيحة: B
السؤال #30
Both Sections 72 and 72A of India's IT Act 2000 involve unauthorized access of personal information. One main difference between the sections is that 72A does what?
A. Stipulates that disclosure has to have occurred
B. Specifies imprisonment as a possible penalty
C. Adds a provision about wrongful loss or gain
D. Includes the concept of consent
عرض الإجابة
اجابة صحيحة: AB

View The Updated IAPP Exam Questions

SPOTO Provides 100% Real IAPP Exam Questions for You to Pass Your IAPP Exam!

Get IAPP Practice Test

عرض الإجابات بعد التقديم

يرجى إرسال البريد الإلكتروني الخاص بك والواتس اب للحصول على إجابات الأسئلة.

ملحوظة: يرجى التأكد من صلاحية معرف البريد الإلكتروني وWhatsApp حتى تتمكن من الحصول على نتائج الاختبار الصحيحة.

بريد إلكتروني:
رقم الواتس اب/الهاتف:


Copyright © 2024. Designer by SPOTO Official Website. All Rights Reserved.