What is an Access Control List?

What is the best way to protect privacy on a geographic information system (GIS)?

SCENARIO Clean-Q is a company that offers house-hold and office cleaning services. The company receives requests from consumers via their website and telephone, to book cleaning services. Based on the type and size of service, Clean-Q then contracts individuals that are registered on its resource database - currently managed in-house by Clean-Q IT Support. Because of Clean-Q's business model, resources are contracted as needed instead of permanently employed. The table below indicates some of the personal i

SCENARIO Please use the following to answer the next question: Light Blue Health (LBH) is a healthcare technology company developing a new web and mobile application that collects personal health information from electronic patient health records. The application will use machine learning to recommend potential medical treatments and medications based on information collected from anonymized electronic health records. Patient users may also share health data collected from other mobile apps with the LBH app

SCENARIO Tom looked forward to starting his new position with a U.S —based automobile leasing company (New Company), now operating in 32 states. New Company was recently formed through the merger of two prominent players, one from the eastern region (East Company) and one from the western region (West Company). Tom, a Certified Information Privacy Technologist (CIPT), is New Company's first Information Privacy and Security Officer. He met today with Dick from East Company, and Harry, from West Company. Dick

SCENARIO Kyle is a new security compliance manager who will be responsible for coordinating and executing controls to ensure compliance with the company's information security policy and industry standards. Kyle is also new to the company, where collaboration is a core value. On his first day of new-hire orientation, Kyle's schedule included participating in meetings and observing work in the IT and compliance departments. Kyle spent the morning in the IT department, where the CIO welcomed him and explained

SCENARIO It should be the most secure location housing data in all of Europe, if not the world. The Global Finance Data Collective (GFDC) stores financial information and other types of client data from large banks, insurance companies, multinational corporations and governmental agencies. After a long climb on a mountain road that leads only to the facility, you arrive at the security booth. Your credentials are checked and checked again by the guard to visually verify that you are the person pictured on y

Not updating software for a system that processes human resources data with the latest security patches may create what?

What is a main benefit of data aggregation?

An organization based in California, USA is implementing a new online helpdesk solution for recording customer call information. The organization considers the capture of personal data on the online helpdesk solution to be in the interest of the company in best servicing customer calls. Before implementation, a privacy technologist should conduct which of the following?

What is the term for information provided to a social network by a member?

You are a wine collector who uses the web to do research about your hobby. You navigate to a news site and an ad for wine pops up. What kind of advertising is this?

Which technique is most likely to facilitate the deletion of every instance of data associated with a deleted user account from every data store held by an organization?

What is typically NOT performed by sophisticated Access Management (AM) techniques?

How does k-anonymity help to protect privacy in micro data sets?

What is a mistake organizations make when establishing privacy settings during the development of applications?

What is the goal of privacy enhancing technologies (PETS) like multiparty computation and differential privacy?

A user who owns a resource wants to give other individuals access to the resource. What control would apply?

How should the sharing of information within an organization be documented?

SCENARIO Please use the following to answer the next question: Jordan just joined a fitness-tracker start-up based in California, USA, as its first Information Privacy and Security Officer. The company is quickly growing its business but does not sell any of the fitness trackers itself. Instead, it relies on a distribution network of third-party retailers in all major countries. Despite not having any stores, the company has a 78% market share in the EU. It has a website presenting the company and products,

Which of the following is an example of drone “swarming”?

SCENARIO Please use the following to answer the next question: Chuck, a compliance auditor for a consulting firm focusing on healthcare clients, was required to travel to the client’s office to perform an onsite review of the client’s operations. He rented a car from Finley Motors upon arrival at the airport as so he could commute to and from the client’s office. The car rental agreement was electronically signed by Chuck and included his name, address, driver’s license, make/model of the car, billing rate,

What is the distinguishing feature of asymmetric encryption?

Which of the following is considered a client-side IT risk?