Released DSCI DCPP-01 Updated Questions PDF [Q54-Q77]

March 31, 2022 admin 0 Comments

Rate this post

Released DSCI DCPP-01 Updated Questions PDF

DCPP-01 Dumps and Practice Test (124 Exam Questions)

The benefit of obtaining the DSCI DCPP-01 Privacy Professional Certification

Gain real benefits to help you showcase your accomplishments and advance your expertise. Once AWS Certified, you’ll be qualified for perks that can assist you to show off your achievements and keep learning. In addition to validating your technical skills, AWS Certification can help you further develop your expertise.

Amazon Web Services follows impressive security standards for safeguarding, monitoring, and maintenance of its data centres. so as a result, AWS has gained the top spot on the list of cloud service providers. So, one should go for AWS certifications due to their status. If you want to invest time and effort in acquiring knowledge about cloud technologies, then it’s better to go with the leader.

NEW QUESTION 54
For negligence in implementing and maintaining the reasonable security practices and procedures for protecting Sensitive Personal Data or Information (SPDI) as mentioned in Section 43A and associated rules under IT (Amendment) Act, 2008, a corporate entity may be liable to pay compensation of up to___________

Rs. 50,000,000

Rs. 500,000,000

Rs. 5,000,000

Upper limit not defined

Section: Privacy Principles and Laws
Explanation/Reference: https://shodhganga.inflibnet.ac.in/bitstream/10603/164562/3/chapter%20ii.pdf

NEW QUESTION 55
According to the IT (Amendment) Act, 2008, a corporate entity could be liable to pay compensation for negligence in implementing and maintaining reasonable security practices and procedures in order to protect Sensitive Personal Data or Information. What is the amount of penalty?

Upper limit not defined

Rs. 5,000,000

Rs. 50,000,000

Rs. 500,000,000

Rs. 5 Crore Sec 43A – “Where a body corporate possessing, dealing or handling any sensitive personal data or information in a computer resource which it owns, controls or operates, is negligent in implementing and maintaining reasonable security practices and procedures and thereby causes wrongful loss or wrongful gain to any person, such body corporate shall be liable to pay damages by way of compensation to the person so affected.” Compensation for failure to implement reasonable security practices can be upto Rs. 5 Crores (the Adjudicating Officer has the power to award this). A data subject can further approach a civil court if compensation desired is more than Rs. 5 Crore.

NEW QUESTION 56
A multinational company with operations in several parts within EU and outside EU, involves international
data transfer of both its employees and customers. In some of its EU branches, which are relatively larger in
size, the organization has a works council. Most of the data transferred is personal, and some of the data that
the organization collects is sensitive in nature, the processing of some of which is also outsourced to its
branches in Asian countries.
For exporting EU branch employees’ data to Asian Countries for processing, which of the following
instruments could be used for legal data transfer?

Customized contracts mandating ISO 27001 certification by the data processor

Standard Contractual Clauses

Binding Corporate Rules

Safe Harbor

NEW QUESTION 57
A country should allow its citizens to access specific information owned by the government in order to
bring transparency in the government administration processes. This is the basis for formulation of which
of the following rights in India?

Right to Privacy Act

Right to Information Act

Right to Freedom of Speech and Expression

Right to Social Security

NEW QUESTION 58
A government agency collecting biometrics of citizens can deny sharing such information with Law
Enforcement Agencies (LEAs) on which of the following basis?

The purpose of collecting the biometrics is different than what LEAs intent to use it for

The consent of data subjects has not been taken

Government agencies would share the biometrics with LEAs on one condition if LEA properly notify
the citizens

None of the above, as government agencies would never deny any LEA for sharing such information for
the purpose of mass surveillance

NEW QUESTION 59
From the following list, identify the technology aspects that are specially designed for upholding the privacy:
i. Data minimization
ii. Intrusion prevention system
iii. Data scrambling
iv. Data loss prevention
v. Data portability
vi. Data obfuscation
vii. Data encryption
viii. Data mirroring
Please select the correct set of aspects from below options:

Only i., iii., vii. and viii

Only i., ii., iii., vii. and viii

Only i., ii., vi. and vii

Only ii., v., vi., vii. and viii

Section: Privacy Technologies and Organization Ecosystem

NEW QUESTION 60
Which of the following factor is least likely to be considered while implementing or augmenting data security solution for privacy protection:

Security controls deployment at the database level

Information security infrastructure up-gradation in the organization

Classification of data type and its usage by various functions in the organization

Training and awareness program for third party organizations

NEW QUESTION 61
Which among the following organizations

WebTrust

Transaction Guard

BBBOnline

EuroPriSe

NEW QUESTION 62
For negligence in implementing and maintaining the reasonable security practices and procedures for
protecting Sensitive Personal Data or Information (SPDI) as mentioned in Section 43A and associated
rules under IT (Amendment) Act, 2008, a corporate entity may be liable to pay compensation of up
to___________

Rs. 50,000,000

Rs. 500,000,000

Rs. 5,000,000

Upper limit not defined

Explanation/Reference:
Reference: https://shodhganga.inflibnet.ac.in/bitstream/10603/164562/3/chapter%20ii.pdf

NEW QUESTION 63
A government agency collecting biometrics of citizens can deny sharing such information with Law Enforcement Agencies (LEAs) on which of the following basis?

The purpose of collecting the biometrics is different than what LEAs intent to use it for

The consent of data subjects has not been taken

Government agencies would share the biometrics with LEAs on one condition if LEA properly notify the citizens

None of the above, as government agencies would never deny any LEA for sharing such information for the purpose of mass surveillance

Section: Privacy Fundamentals

NEW QUESTION 64
Which among the following is the Canadian privacy law?

COPPA

PIPEDA

HIPAA

IT Act of Canada

NEW QUESTION 65
Health insurance firm based in the US uses BPM services provided by an Indian company. It was found that one of the employees of the Indian company exported customer data of the insurance company to another US-based insurance company. Under which of the below ground, the company and its executives in India were also subjected to legal action ?

These actions were not avoided by using data loss prevention tools.

No reasonable security practices were implemented to protect data.

Employees of the company were allowed to view sensitive personal information.

Background checks were not conducted on the individuals.

Health Insurance Portability and Accountability Act (HIPAA) Defines two types of controls – required and addressable. Required controls are mandatory for covered entities but for ‘addressable’ controls entities need to assess whether each implementation specification is a reasonable and appropriate safeguard in its environment, when analyzed with reference to the likely contribution to protecting the entity’s electronic protected health information.

NEW QUESTION 66
For negligence in implementing and maintaining the reasonable security practices and procedures for
protecting Sensitive Personal Data or Information (SPDI) as mentioned in Section 43A and associated rules
under IT (Amendment) Act, 2008, a corporate entity may be liable to pay compensation of up to___________

Rs. 50,000,000

Rs. 500,000,000

Rs. 5,000,000

Upper limit not defined

Reference: https://shodhganga.inflibnet.ac.in/bitstream/10603/164562/3/chapter%20ii.pdf

NEW QUESTION 67
By collecting, storing, and processing personal information on living individuals electronically, Star Link Company could qualify as:

Data Subject

Data Processor

Data Controller

Data Controller An organization that determines means and purpose for data processing is called a Data Controller. It may or may not be the organization that directly collects PI from a data subject but, is accountable for PI usage, security, etc. All organizations are Data Controllers by default for their employees’ PI. Data Processor An organization that processes PI based on instructions of Data Controllers. In some instances, it may also be the organization that collect PI directly from the individuals, on behalf of Data Controller. A BPM organization processing personal information on behalf of clients would be a data processor. Similarly, a sales agent for a bank would also come under this category.

NEW QUESTION 68
Provisions in which of the following legislations in India have or could have a direct conflict with an individual’s privacy (though exceptions could have already been defined in the law)?

Right to Information (Amendment) Act, 2013

TheLokPal and LokaYuktas Act, 2013

National Food Security Act, 2013

Official Secrets Act, 1923

Section: Privacy Principles and Laws

NEW QUESTION 69
Which of the following categories of information are generally protected under privacy laws?

Personally Identifiable Information (PII)

Sensitive Personal Information (SPI)

Trademark, copyright and patent information

Organizations’ confidential business information

Section: Privacy Principles and Laws

NEW QUESTION 70
Which among the following is the Canadian privacy law?

COPPA

PIPEDA

HIPAA

IT Act of Canada

Section: Privacy Principles and Laws

NEW QUESTION 71
Which of the following wasn’t prescribed as a privacy principle under the OECD Privacy Guidelines, 1980?

Openness

Data minimization

Security Safeguard

Purpose Specification

Section: Privacy Principles and Laws
Explanation/Reference:
Reference: https://www.oecd.org/internet/ieconomy/
oecdguidelinesontheprotectionofprivacyandtransborderflowsofpersonaldata.htm

NEW QUESTION 72
What are the roles an organization can play from privacy perspective?
i. Data Controller – determines the means and purpose of processing of data which is collected from its
end customers
ii. Data Controller – determines the means and purpose of processing of data which is collected from its
employees
iii. Data Sub-Processor – processes personal data on behalf of data processor
iv. Joint Controller – determines the means and purpose of data processing along with other data
controller
Please select correct option:

i, ii and iii

ii, iii and iv

i, iii and iv

i, ii, iii and iv

NEW QUESTION 73
Company A collects and stores information from people X & Y on behalf of company B.
Which of the following statements are true?

A is the data controller since it collects data directly from X & Y

B is the data controller while A is the sub processor as B has outsourced the data collection and
processing to A

B is the data controller that uses A as data processor to collect and process data of data subjects X
and Y

Both A & B are data controllers since both need to maintain highest principles of data protection

NEW QUESTION 74
Which of the following laid foundation for the development of OECD privacy principles for the promotion of free international trade and trans border data flows?

Fair information Privacy Practices of US, 1974

EU Data Protection Directive

Safe Harbor Framework

WTO’s Free Trade Agreement

Section: Privacy Fundamentals

NEW QUESTION 75
Under which of the following conditions can a company in India may transfer sensitive personal information
(SPI) to any other company or a person in India, or located in any other country?

Transfer of information is allowed to those who ensure the same level of data protection that is adhered
to by the company as provided for under the Indian laws

The transfer of information is allowed only after taking approval of Chief Information Commissioner of
India

The transfer of information is allowed only after taking approval of DeitY (Department of Electronics &
Information Technology) in India

The transfer may be allowed only if it is necessary for the performance of the lawful contract or where
the data subject has consented to data transfer

NEW QUESTION 76
A Privacy Impact Assessment (PIA) should ideally accomplish which of the following goals?

To determine the risks and effects of collecting, storing and distributing personal information

To evaluate processes for handling personal information for mitigating potential privacy risks

To acknowledge the organization’s role in collecting personal identifiable information

To comply with ISO 27001:2013 standard

Reference: https://www.state.gov/privacy/pias/index.htm

NEW QUESTION 77
What does PHI stand for, as per HIPAA/ HITECH?

Personal heuristic information

Public health information

Protected health information

Personal health information

Loading …

How much DSCI DCPP-01 Privacy Professional Certification Cost

The exam fee for the AWS Solutions Architect Associate certification exam is $150, and you can also take a preparation exam that costs $20. Whereas, for the professional level examination, the fee is $300. For more information related to exam price, please visit the official website AWS Website as the cost of exams may be subjected to vary county-wise.

DCPP-01 Exam Dumps Pass with Updated 2022 Certified Exam Questions: https://www.topexamcollection.com/DCPP-01-vce-collection.html

DCPP-01 Practice Tests

Released DSCI DCPP-01 Updated Questions PDF [Q54-Q77]

Related Certifications

DCPP-01