DSCI DCPP-01 Exam Practice Test Instant Access

Question 1

Which of the following instruments can be used for a legal data transfer when a company in the EU wishes to transfer data to Asian countries?

AFramework for the Privacy Shield

BStandard Contractual Clauses

CData processors must be certified by ISO 27001 under customized contracts

DBinding Corporate Rules

Answer : B, D

Question 2

According to the privacy statement of an organization, which of the following words is true?

AThe Information Technology (Amendment) Act, 2008 does not require the publication of privacy policies on websites in India

BThe content of an organization's online privacy statement will be influenced by the applicable laws, and may need to address requirements across geographic boundaries and legal jurisdictions

CA privacy statement demonstrates to stakeholders how an organization gathers, uses, discloses, and manages personal information

DIn order to follow privacy laws, it is mandatory that there is a phone contact information for the organization's owner in the online privacy statement so that customers can reach out in case of a concern or incident, which can be managed online

Answer : B

Question 3

How soon after becoming aware of the breach the data controller has to notify the supervisory authority under Article 33 of GDPR.

A17 hours

B24 hours

C36 hours

D72 hours

Answer : D

Question 4

Which law does not require notification of personal data breaches?

AJapanese Act on the Protection of Personal Information

BUK Data Protection Act, 2018

CGeneral Data Protection Regulation, 2016

DInformation Technology (Amendment) Act, 2008

Answer : D

Question 5

A team created by the Indian government has been assigned to create India's privacy law based on Justice AP Shah's recommendations. Is any of the following legislation necessary?

ANational privacy principles

BAn official national data controller registry should be created

CPenalties, remedies, and offenses

DA right to privacy that is explicitly enshrined in the constitution

Answer : A

Question 6

De-identification of personal information is advocated by which of the following privacy regulations?

AIT Act of India

BAustralia's ANPP

CEU Data Protection Directive

DCanada's PIPEDA

Answer : B

Question 7

When you're based in the EU and willing to share data outside the EU/EEA, then you can use model contracts. In reference to the above statement, which of the following is true?

ADirective on EU e-commerce mentions it as a requirement

BEU Data Protection Directive states that it is a requirement

COECD's Privacy Framework mentions it as a requirement

DNeither of the above

Answer : B

DSCI DCPP-01 DSCI Certified Privacy Professional Exam Practice Test