Isaca CDPSE Certified Data Privacy Solutions Engineer Exam Exam Practice Test Questions

• Question 1

  Which of the following is a PRIMARY objective of performing a privacy impact assessment (PIA) prior to onboarding a new Software as a Service (SaaS) provider for a customer relationship management (CRM) system?

  • To identify controls to mitigate data privacy risks
    
  • To classify personal data according to the data classification scheme
    
  • To assess the risk associated with personal data usage
    
  • To determine the service provider's ability to maintain data protection controls
    

  Show Answer Answer: 4 Next

• Question 2

  Which of the following is the BEST way to manage different IT staff access permissions for personal data within an organization?

  • Mandatory access control
    
  • Network segmentation
    
  • Dedicated access system
    
  • Role-based access control
    

  Show Answer Answer: 4 Next

• Question 3

  Which of the following helps define data retention time is a stream-fed data lake that includes personal data?

  • Information security assessments
    
  • Privacy impact assessments (PIAs)
    
  • Data privacy standards
    
  • Data lake configuration
    

  Show Answer Answer: 2 Next

• Question 4

  A global financial institution is implementing data masking technology to protect personal data used for testing purposes in non-production environments. Which of the following is the GREATEST challenge in this situation?

  • Access to personal data is not strictly controlled in development and testing environments.
    
  • Complex relationships within and across systems must be retained for testing.
    
  • Personal data across the various interconnected systems cannot be easily identified.
    
  • Data masking tools are complex and difficult to implement.
    

  Show Answer Answer: 4 Next

• Question 5

  Which of the following is the BEST way for an organization to limit potential data exposure when implementing a new application?

  • Implement a data loss prevention (DLP) system.
    
  • Use only the data required by the application.
    
  • Encrypt all data used by the application.
    
  • Capture the application's authentication logs.
    

  Show Answer Answer: 1 Next