[2021] Free CIPP-US Exam Dumps to Pass Exam Easily [Q43-Q67]


CIPP-US Exam Dumps, CIPP-US Practice Test Questions


The IAPP CIPP-US exam measures how well a specialist knows data protection law in the US. The associated certification, the CIPP-US, stands for Certified Information Privacy Professional-US. It is accredited by ANSI/ISO and is continually updated so that candidates are tested only on the most current concepts in the industry. The questions in the official exam assess varying areas of US data protection policy, and a candidate needs to know how to apply and manage them in daily work.

 

NEW QUESTION 43
What does the Massachusetts Personal Information Security Regulation require as it relates to encryption of personal information?

  • A. The encryption of personal information stored in Massachusetts-based companies when stored on portable devices.
  • B. The encryption of all personal information of Massachusetts residents when all equipment is located in Massachusetts.
  • C. The encryption of all personal information stored in Massachusetts-based companies when all equipment is located in Massachusetts.
  • D. The encryption of all personal information of Massachusetts residents when stored on portable devices.

Answer: D

 

NEW QUESTION 44
What is the main purpose of the Global Privacy Enforcement Network?

  • A. To protect the interests of privacy consumer groups worldwide
  • B. To promote universal cooperation among privacy authorities
  • C. To investigate allegations of privacy violations internationally
  • D. To arbitrate disputes between countries over jurisdiction for privacy laws

Answer: B

Explanation/Reference: https://en.wikipedia.org/wiki/Global_Privacy_Enforcement_Network

 

NEW QUESTION 45
SCENARIO
Please use the following to answer the next QUESTION
Noah is trying to get a new job involving the management of money. He has a poor personal credit rating, but he has made better financial decisions in the past two years.
One potential employer, Arnie's Emporium, recently called to tell Noah he did not get a position. As part of the application process, Noah signed a consent form allowing the employer to request his credit report from a consumer reporting agency (CRA). Noah thinks that the report hurt his chances, but believes that he may not ever know whether it was his credit that cost him the job. However, Noah is somewhat relieved that he was not offered this particular position. He noticed that the store where he interviewed was extremely disorganized. He imagines that his credit report could still be sitting in the office, unsecured.
Two days ago, Noah got another interview for a position at Sam's Market. The interviewer told Noah that his credit report would be a factor in the hiring decision. Noah was surprised because he had not seen anything on paper about this when he applied.
Regardless, the effect of Noah's credit on his employability troubles him, especially since he has tried so hard to improve it. Noah made his worst financial decisions fifteen years ago, and they led to bankruptcy. These were decisions he made as a young man, and most of his debt at the time consisted of student loans, credit card debt, and a few unpaid bills - all of which Noah is still working to pay off. He often laments that decisions he made fifteen years ago are still affecting him today.
In addition, Noah feels that an experience investing with a large bank may have contributed to his financial troubles. In 2007, in an effort to earn money to help pay off his debt, Noah talked to a customer service representative at a large investment company who urged him to purchase stocks. Without understanding the risks, Noah agreed. Unfortunately, Noah lost a great deal of money.
After losing the money, Noah was a customer of another financial institution that suffered a large security breach. Noah was one of millions of customers whose personal information was compromised. He wonders if he may have been a victim of identity theft and whether this may have negatively affected his credit.
Noah hopes that he will soon be able to put these challenges behind him, build excellent credit, and find the perfect job.
Based on the scenario, which legislation should ease Noah's worry about his credit report as a result of applying at Arnie's Emporium?

  • A. The Disposal Rule under the Fair and Accurate Credit Transactions Act (FACTA).
  • B. The Red Flags Rule under the Fair and Accurate Credit Transactions Act (FACTA).
  • C. The Safeguards Rule under the Gramm-Leach-Bliley Act (GLBA).
  • D. The Privacy Rule under the Gramm-Leach-Bliley Act (GLBA).

Answer: C

 

NEW QUESTION 46
When may a financial institution share consumer information with non-affiliated third parties for marketing purposes?

  • A. After disclosing marketing practices to customers and after giving them an opportunity to opt in.
  • B. After disclosing marketing practices to customers and after giving them an opportunity to opt out.
  • C. After disclosing information-sharing practices to customers and after giving them an opportunity to opt out.
  • D. After disclosing information-sharing practices to customers and after giving them an opportunity to opt in.

Answer: C

 

NEW QUESTION 47
If an organization certified under Privacy Shield wants to transfer personal data to a third party acting as an agent, the organization must ensure the third party does all of the following EXCEPT?

  • A. Notifies the organization if it can no longer meet its requirements for proper data handling
  • B. Provides the same level of privacy protection as the organization
  • C. Uses the transferred data for limited purposes
  • D. Enters a contract with the organization that states the third party will process data according to the consent agreement

Answer: D

Explanation/Reference: https://www.privacyshield.gov/Key-New-Requirements

 

NEW QUESTION 48
Which of the following best describes an employer's privacy-related responsibilities to an employee who has left the workplace?

  • A. An employer has a responsibility to maintain a former employee's access to computer systems and company data needed to support claims against the company such as discrimination.
  • B. An employer has a responsibility to maintain the security and privacy of any sensitive employment records retained for a legitimate business purpose.
  • C. An employer may consider any privacy-related responsibilities terminated, as the relationship between employer and employee is considered primarily contractual.
  • D. An employer has a responsibility to permanently delete or expunge all sensitive employment records to minimize privacy risks to both the employer and former employee.

Answer: D

 

NEW QUESTION 49
A law enforcement agency subpoenas the ACME telecommunications company for access to text message records of a person suspected of planning a terrorist attack. The company had previously encrypted its text message records so that only the suspect could access this data.
What law did ACME violate by designing the service to prevent access to the information by a law enforcement agency?

  • A. SCA
  • B. ECPA
  • C. USA Freedom Act
  • D. CALEA

Answer: D

 

NEW QUESTION 50
SCENARIO
Please use the following to answer the next QUESTION
Felicia has spent much of her adult life overseas, and has just recently returned to the U.S. to help her friend Celeste open a jewelry store in California. Felicia, despite being excited at the prospect, has a number of security concerns, and has only grudgingly accepted the need to hire other employees. In order to guard against the loss of valuable merchandise, Felicia wants to carefully screen applicants. With their permission, Felicia would like to run credit checks, administer polygraph tests, and scrutinize videos of interviews. She intends to read applicants' postings on social media, ask questions about drug addiction, and solicit character references. Felicia believes that if potential employees are serious about becoming part of a dynamic new business, they will readily agree to these requirements.
Felicia is also in favor of strict employee oversight. In addition to protecting the inventory, she wants to prevent mistakes during transactions, which will require video monitoring. She also wants to regularly check the company vehicle's GPS for locations visited by employees. She also believes that employees who use their own devices for work-related purposes should agree to a certain amount of supervision.
Given her high standards, Felicia is skeptical about the proposed location of the store. She has been told that many types of background checks are not allowed under California law. Her friend Celeste thinks these worries are unfounded, as long as applicants verbally agree to the checks and are offered access to the results. Nor does Celeste share Felicia's concern about state breach notification laws, which, she claims, would be costly to implement even on a minor scale. Celeste believes that even if the business grows a customer database of a few thousand, it's unlikely that a state agency would hassle an honest business if an accidental security incident were to occur.
In any case, Celeste feels that all they need is common sense - like remembering to tear up sensitive documents before throwing them in the recycling bin. Felicia hopes that she's right, and that all of her concerns will be put to rest next month when their new business consultant (who is also a privacy professional) arrives from North Carolina.
Which law will be most relevant to Felicia's plan to ask applicants about drug addiction?

  • A. The Genetic Information Nondiscrimination Act of 2008.
  • B. The Americans with Disabilities Act (ADA).
  • C. The Health Insurance Portability and Accountability Act (HIPAA).
  • D. The Occupational Safety and Health Act (OSHA).

Answer: B

 

NEW QUESTION 51
Which jurisdiction must courts have in order to hear a particular case?

  • A. Subject matter jurisdiction and professional jurisdiction
  • B. Personal jurisdiction and subject matter jurisdiction
  • C. Personal jurisdiction and professional jurisdiction
  • D. Subject matter jurisdiction and regulatory jurisdiction

Answer: B

Explanation:
Reference:
~klett/chapter%25202%2520bl281%2520judicial%2520review%2520new.htm

 

NEW QUESTION 52
In what way does the "Red Flags Rule" under the Fair and Accurate Credit Transactions Act (FACTA) relate to the owner of a grocery store who uses a money wire service?

  • A. It is not usually enforced in the case of a small financial institution
  • B. It does not apply because the owner is not a creditor
  • C. It requires the owner to implement an identity theft warning system
  • D. It mandates the use of updated technology for securing credit records

Answer: D

 

NEW QUESTION 53
Smith Memorial Healthcare (SMH) is a hospital network headquartered in New York and operating in 7 other states. SMH uses an electronic medical record to enter and track information about its patients. Recently, SMH suffered a data breach where a third-party hacker was able to gain access to the SMH internal network.
Because it is a HIPAA-covered entity, SMH made a notification to the Office of Civil Rights at the U.S. Department of Health and Human Services about the breach.
Which statement accurately describes SMH's notification responsibilities?

  • A. If SMH is compliant with HIPAA, it will not have to make a separate notification to individuals in the state of New York.
  • B. If SMH must make a notification in any other state in which it operates, it must also make a notification to individuals in New York.
  • C. If SMH has more than 500 patients in the state of New York, it will need to make separate notifications to these patients.
  • D. If SMH makes credit monitoring available to individuals who inquire, it will not have to make a separate notification to individuals in the state of New York.

Answer: B

 

NEW QUESTION 54
Most states with data breach notification laws indicate that notice to affected individuals must be sent in the "most expeditious time possible without unreasonable delay." By contrast, which of the following states currently imposes a definite limit for notification to affected individuals?

  • A. Maine
  • B. California
  • C. New York
  • D. Florida

Answer: D

 

NEW QUESTION 55
What is the main purpose of the CAN-SPAM Act?

  • A. To empower the FTC to create rules for messages containing sexually explicit content
  • B. To diminish the use of electronic messages to send sexually explicit materials
  • C. To ensure that organizations respect individual rights when using electronic advertising
  • D. To authorize the states to enforce federal privacy laws for electronic marketing

Answer: C

Explanation/Reference: https://www.ftc.gov/tips-advice/business-center/guidance/can-spam-act-compliance-guide-business

 

NEW QUESTION 56
SCENARIO
Please use the following to answer the next QUESTION:
Matt went into his son's bedroom one evening and found him stretched out on his bed typing on his laptop. "Doing your homework?" Matt asked hopefully.
"No," the boy said. "I'm filling out a survey."
Matt looked over his son's shoulder at his computer screen. "What kind of survey?"
"It's asking questions about my opinions."
"Let me see," Matt said, and began reading the list of questions that his son had already answered. "It's asking your opinions about the government and citizenship. That's a little odd. You're only ten." Matt wondered how the web link to the survey had ended up in his son's email inbox. Thinking the message might have been sent to his son by mistake, he opened it and read it. It had come from an entity called the Leadership Project, and the content and the graphics indicated that it was intended for children. As Matt read further, he learned that kids who took the survey were automatically registered in a contest to win the first book in a series about famous leaders.
To Matt, this clearly seemed like a marketing ploy to solicit goods and services to children. He asked his son if he had been prompted to give information about himself in order to take the survey. His son told him he had been asked to give his name, address, telephone number, and date of birth, and to answer questions about his favorite games and toys.
Matt was concerned. He doubted if it was legal for the marketer to collect information from his son in the way that it was. Then he noticed several other commercial emails from marketers advertising products for children in his son's inbox, and he decided it was time to report the incident to the proper authorities.
Based on the incident, the FTC's enforcement actions against the marketer would most likely include what violation?

  • A. Disregarding the privacy policy of the children's marketing industry.
  • B. Collecting information from a child under the age of thirteen.
  • C. Failing to notify of a breach of children's private information.
  • D. Intruding upon the privacy of a family with young children.

Answer: A

 

NEW QUESTION 57
What is the main challenge financial institutions face when managing user preferences?

  • A. Developing a mechanism for opting out that is easy for their consumers to navigate
  • B. Ensuring that preferences are applied consistently across channels and platforms
  • C. Ensuring they are in compliance with numerous complex state and federal privacy laws
  • D. Determining the legal requirements for sharing preferences with their affiliates

Answer: B

 

NEW QUESTION 58
Which of the following types of information would an organization generally NOT be required to disclose to law enforcement?

  • A. Money laundering information under the Bank Secrecy Act of 1970
  • B. Information about medication errors under the Food, Drug and Cosmetic Act
  • C. Personal health information under the HIPAA Privacy Rule
  • D. Information about workspace injuries under OSHA requirements

Answer: C

 

NEW QUESTION 59
Which federal agency plays a role in privacy policy, but does NOT have regulatory authority?

  • A. The Office of the Comptroller of the Currency.
  • B. The Federal Communications Commission.
  • C. The Department of Transportation.
  • D. The Department of Commerce.

Answer: C

 

NEW QUESTION 60
Sarah lives in San Francisco, California. Based on a dramatic increase in unsolicited commercial emails, Sarah believes that a major social media platform with over 50 million users has collected a lot of personal information about her. The company that runs the platform is based in New York and France.
Why is Sarah entitled to ask the social media platform to delete the personal information they have collected about her?

  • A. Under Section 5 of the FTC Act, the Federal Trade Commission has held that refusing to delete an individual's personal information upon request constitutes an unfair practice.
  • B. The California Consumer Privacy Act entitles Sarah to request deletion of her personal information.
  • C. Any company with a presence in Europe must comply with the General Data Protection Regulation globally, including in response to data subject deletion requests.
  • D. The New York "Stop Hacks and Improve Electronic Data Security" (SHIELD) Act requires that businesses under New York's jurisdiction must delete customers' personal information upon request.

Answer: B

 

NEW QUESTION 61
What was the original purpose of the Foreign Intelligence Surveillance Act?

  • A. To further define a framework for authorizing wiretaps by the executive branch for national security purposes under Article II of the Constitution.
  • B. To further clarify a reasonable expectation of privacy stemming from the Katz v. United States decision.
  • C. To further clarify when a warrant is not required for a wiretap performed internally by the telephone company outside the suspect's home, stemming from the Olmstead v. United States decision.
  • D. To further define what information can reasonably be under surveillance in public places under the USA PATRIOT Act, such as Internet access in public libraries.

Answer: D

 

NEW QUESTION 62
The Video Privacy Protection Act of 1988 restricted which of the following?

  • A. Which purchase records of audio visual materials may be disclosed
  • B. When downloading of copyrighted audio visual materials is allowed
  • C. When a user's viewing of online video content can be monitored
  • D. Who advertisements for videos and video games may target

Answer: A

Explanation/Reference: https://searchcompliance.techtarget.com/definition/Video-Privacy-Protection-Act-of-1988

 

NEW QUESTION 63
The Cable Communications Policy Act of 1984 requires which activity?

  • A. Delivery of an annual notice detailing how subscriber information is to be used
  • B. Obtaining subscriber consent for disseminating any personal information necessary to render cable services
  • C. Notice to subscribers of any investigation involving unauthorized reception of cable services
  • D. Destruction of personal information a maximum of six months after it is no longer needed

Answer: C

 

NEW QUESTION 64
Which entity within the Department of Health and Human Services (HHS) is the primary enforcer of the Health Insurance Portability and Accountability Act (HIPAA) "Privacy Rule"?

  • A. Office for Civil Rights.
  • B. Office of Public Health and Safety.
  • C. Office of Social Services.
  • D. Office of Inspector General.

Answer: A

 

NEW QUESTION 65
A large online bookseller decides to contract with a vendor to manage Personal Information (PI). What is the least important factor for the company to consider when selecting the vendor?

  • A. The vendor's employee training program
  • B. The vendor's financial health
  • C. The vendor's reputation
  • D. The vendor's employee retention rates

Answer: B

 

NEW QUESTION 66
What privacy concept grants a consumer the right to view and correct errors on his or her credit report?

  • A. Notice.
  • B. Choice.
  • C. Access.
  • D. Action.

Answer: A

 

NEW QUESTION 67
......
