시험덤프
매달, 우리는 1000명 이상의 사람들이 시험 준비를 잘하고 시험을 잘 통과할 수 있도록 도와줍니다.
  / DCPP-01 덤프  / DCPP-01 문제 연습

DSCI DCPP-01 시험

DSCI certified Privacy Professional 온라인 연습

최종 업데이트 시간: 2024년11월08일

당신은 온라인 연습 문제를 통해 DSCI DCPP-01 시험지식에 대해 자신이 어떻게 알고 있는지 파악한 후 시험 참가 신청 여부를 결정할 수 있다.

시험을 100% 합격하고 시험 준비 시간을 35% 절약하기를 바라며 DCPP-01 덤프 (최신 실제 시험 문제)를 사용 선택하여 현재 최신 74개의 시험 문제와 답을 포함하십시오.

 / 3

Question No : 1


The Information Technology (Reasonable Security Practices And Procedures and Sensitive Data or Information) Rules, 2011 incorporate which of the following privacy concepts and principles:
i. Collection Limitation
ii. Accountability
iii. Right to be forgotten
iv. Purpose Limitation
v. Access and correction

정답:

Question No : 2


Which of the following laws does not have a mandatory personal data breach notification requirement?

정답:
Explanation:
Reference: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=1680152

Question No : 3


“As per Indian laws, any information that is freely available or accessible in public domain cannot be regarded as sensitive personal data or information.”
Please state if this statement is True or False.

정답:
Explanation:
Reference: https://www.linklaters.com/en/insights/data-protected/data-protected---india

Question No : 4


As per Article 6 of General Data Protection Regulation, 2016, which of the following is not a lawful ground of processing personal data?

정답:
Explanation:
Reference: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection­regulation-gdpr/lawful-basis-for-processing/

Question No : 5


Which of the following wasn't prescribed as a privacy principle under the OECD Privacy Guidelines, 1980?

정답:
Explanation:
Reference: https://www.oecd.org/internet/ieconomy/oecdguidelinesontheprotectionofprivacyandtransborderflowsofpersonaldata.htm

Question No : 6


As per Article 33 of GDPR, in case of a personal data breach, the data controller has to inform the supervisory authority within ___________ of becoming aware of the breach.

정답:
Explanation:
Reference: https://gdpr-info.eu/art-33-gdpr/

Question No : 7


As per GDPR, the adequacy decision is taken the European Commission based on its findings and assessment of privacy laws of the third country, territory, sector, etc. The ____________ is required to provide the Commission with an opinion for the assessment of the adequacy of the level of protection in a third country or international organization, including for the assessment whether a third country, a territory or one or more specified sectors within that third country, or an international organization.

정답:
Explanation:
Reference: https://books.google.com.pk/books?id=rKXaDwAAQBAJ&pg=PA141&lpg=PA141&dq=GDPR+is +required+to+provide+the+Commission+with+an+opinion+for+the+assessment+of+the+adequacy+of+the+level+of+protection+in+a+third+country+or+international+organization,+including+for+the+assessment+whether+a+third+country,+a+territory+or+one+or+more+specified+sectors+within+that+third+country,+or+an +international+organization&source=bl&ots=iTGUl_dS9C&sig=ACfU3U1_Q4wLavcnbA58JvJ8ek3PZ6YVqg&hl=en&sa=X&ved=2ahUKEwjk4NTnyp_pAhXCRBUIHXqIDj4Q6AEwDHoECBQQAQ#v=onepage&q=GDPR%20is%20required%20to%20provide%20the%20Commission%20with%20an%20opinion%20for%20the%20assessment%20of%20the%20adequacy%20of%20the%20level%20of%20protection%20in%20a%20third%20country%20or%20international%20organization%2C%20including%20for%20the%20assessment%20whether%20a%20third%20country%2C%20a%20territory%20or%20one%20or%20more%20specified%20sectors%20within%20that%20third%20country%2C%20or%20an%20international%20organization&f=false

Question No : 8


If an entity operates a website designed for kids or a website that targets general audience but collects information from individuals known to be under age of 13 years, the entity must comply with requirements in the US.

정답:
Explanation:
Reference: https://www.ftc.gov/tips-advice/business-center/guidance/childrens-online-privacy-protection-rule­six-step-compliance

Question No : 9


ABC company is a large US based IT Company that provides a range of services to its clients. The company had developed a cloud based application providing end-to-end services for the medical industry.
The application had three modules for:
- Patients
- Hospitals and Doctors
- Insurance and Pharmaceutical companies
Each of the modules was designed to be integrated with others depending on user's choice. For example, a patient could choose to share his/her medical history with his/her doctor (for medical advice) as well as insurance companies (for claims).
The application requires that all registered users of the application read and acknowledge the privacy policy. Additionally, users are required to identify the purpose for which they are providing any personal data in any of the modules. For example, a patient providing his/her medical history and current symptoms can select ‘Medical Advice’ as the purpose for the data being provided.
Few months ago, company launched new services in the applications namely, Business Analytics, Group Consultations, Insurance Policy purchase, and Medical Trials Management. The new services used all existing data collected over the years from users. The Company's clients/users are based only in three geographical locations - United States, European Union and India. Additionally, to facilitate better performance of its application, the company established one datacenter each in US, Germany and India for its operations. Each of the datacenter provides the following: -US Datacenter - Storage of data for US based users only -Germany Datacenter - Storage of data for EU based users only -India Datacenter - Storage of data for India based users and alternate site for US and Germany Datacenters (used as part of global load balancing) -Services of a cloud service provider are leveraged in US as a Disaster Recovery (DR) site for Indian Datacenter
Recently, the company's Application Support Desk has started receiving user complaints related to unsolicited communications.
These complaints have warranted a review of company's privacy policies as well as practices.
The use of all user data for business analytics would be in direct conflict with which of the following privacy principles?

정답:
Explanation:
Reference: http://oecdprivacy.org/#quality

Question No : 10


Which among the following is the Canadian privacy law?

정답:

Question No : 11


Indian constitution does not expressly provide for the “right to privacy” to its citizens.
However, there were various judicial pronouncements of the apex court which finally established the “right to privacy” as a fundamental right subsumed under Article 21 of the constitution of India. Article 21 inter alia provides and protects the __________________.

정답:
Explanation:
Article 21 of the Constitution of India, 1950 provides that, “No person shall be deprived of his life or personal liberty except according to procedure established by law.
Reference: https://www.google.com/search?q=article+21+of+indian+constitution&rlz=1C1CHBF_enPK808PK808&oq=article+21+of +india&aqs=chrome.0.0j69i57j0l4.3344j0j7&sourceid=chrome&ie=UTF-8

Question No : 12


Which of the following privacy regulation advocates de-identification of personal information?

정답:

Question No : 13


You are part of a team that has been created by Indian government to create India’s privacy law based on recommendations in Justice AP Shah’s Report.
Which of the following provisions should be addressed in the law?

정답:

Question No : 14


According to IT (Amendment) Act,2008, who should designate a grievance officer to redress grievance(s) of provider of information?

정답:

Question No : 15


Which of the following provides the legal basis for an Adjudicating Officer in every Indian state & union territory, with the powers of a civil court, to hear complaints and order compensation to the affected individuals?

정답:

 / 3
DSCI