
DCPP-01 Questions Prepare with Learning Information! 2022 Regularly updated
Get DCPP-01 Products Practice Material for DCPP-01 Exam Question Preparation
Who should take the DSCI DCPP-01 Privacy Professional Certification
The candidate most suitable for DSCI DCPP-01 Privacy Professional Certificationwould be the one with at least 1 year of practical experience designing secure, high-performing, cost-effective, highly usable, and scalable systems by using Amazon Web Services.
The candidate would also have some knowledge about the following:
- Practical experience in utilizing compute, networking, storage, management, and database AWS services
- Must be familiar with the global infrastructure of Amazon Web Services
- Knowledge of best practices for developing well-architected solutions on Amazon Web Services
- The sense to identify which AWS services are most suitable for a given technical need
NEW QUESTION 21
A company collects personal information about its employees and requests them to provide accurate information in order to avail benefits such as life insurance and medical insurance. Employees of the company have raised concerns about use of their personal information. Due to the concerns, the company has decided to create a privacy policy. What all should the company include in its privacy policy to address the raised concerns?
- A. Information about how personal information is processed and used, specifically
- B. The purpose of collection of personal data
- C. The principle of presumed consent for data disclosure to avail benefits
- D. Contact details of Law Enforcement Agencies (LEA) to whom information is disclosed
Answer: A
NEW QUESTION 22
A Privacy Impact Assessment (PIA) should ideally accomplish which of the following goals?
- A. To evaluate processes for handling personal information for mitigating potential privacy risks
- B. To acknowledge the organization's role in collecting personal identifiable information
- C. To comply with ISO 27001:2013 standard
- D. To determine the risks and effects of collecting, storing and distributing personal information
Answer: A
NEW QUESTION 23
Which among the following can be classified as the most important purpose for enactment of data protection/ privacy regulations across the globe?
- A. Ensure peace in the society
- B. Protect individual rights
- C. Penalize the organizations and impose fines for failure to protect privacy
- D. Protect the constitution
Answer: B
NEW QUESTION 24
Companies based in EU and willing to transfer data outside the EU/EEA, use model contracts as an
instrument. Which of the following statements are true in reference to above statement?
- A. It is a requirement mentioned in the OECD Privacy Framework
- B. It is a requirement mentioned in the EU E-Commerce Directive
- C. It is a requirement mentioned in EU Data Protection Directive
- D. None of the above
Answer: D
NEW QUESTION 25
A company collects personal information about its employees and requests them to provide accurate
information in order to avail benefits such as life insurance and medical insurance. Employees of the company
have raised concerns about use of their personal information. Due to the concerns, the company has decided to
create a privacy policy. What all should the company include in its privacy policy to address the raised
concerns?
- A. Information about how personal information is processed and used, specifically
- B. The purpose of collection of personal data
- C. The principle of presumed consent for data disclosure to avail benefits
- D. Contact details of Law Enforcement Agencies (LEA) to whom information is disclosed
Answer: A
NEW QUESTION 26
What is the standard definition for Data Controller?
- A. One who stores the data
- B. One who shares the data with third parties
- C. One who necessarily collects the data
- D. One who determines the purpose and means of processing
Answer: D
Explanation:
Section: Privacy Fundamentals
Explanation/Reference: https://www.atinternet.com/en/glossary/data-controller/
NEW QUESTION 27
According to the privacy statement of an organization, which of the following words is true?
- A. The Information Technology (Amendment) Act, 2008 does not require the publication of privacy policies on websites in India
- B. A privacy statement demonstrates to stakeholders how an organization gathers, uses, discloses, and manages personal information
- C. The content of an organization's online privacy statement will be influenced by the applicable laws, and may need to address requirements across geographic boundaries and legal jurisdictions
- D. In order to follow privacy laws, it is mandatory that there is a phone contact information for the organization's owner in the online privacy statement so that customers can reach out in case of a concern or incident, which can be managed online
Answer: C
NEW QUESTION 28
A multinational company with operations in several parts within EU and outside EU, involves international data transfer of both its employees and customers. In some of its EU branches, which are relatively larger in size, the organization has a works council. Most of the data transferred is personal, and some of the data that the organization collects is sensitive in nature, the processing of some of which is also outsourced to its branches in Asian countries.
Which of the following are not mandatory pre-requisite before transferring sensitive personal data to its Asian branches?
- A. Determining adequacy status of the country
- B. Conducting risk assessment for the processing involved
- C. Self-certifying to Safe Harbor practices and reporting to Federal Trade Commission
- D. Notifying the data subject
Answer: C
Explanation:
Section: Privacy Principles and Laws
NEW QUESTION 29
Which of the following could be considered as triggers for updating privacy policy?
- A. Change in service provider for an established business process
- B. Recruitment of more employees
- C. Regulatory changes
- D. Privacy breach
Answer: C
Explanation:
Section: Privacy Technologies and Organization Ecosystem
NEW QUESTION 30
If XYZ & Co. collects, stores and processes personal information of living persons, electronically in a structured filing system, then XYZ could be a:
- A. Data Controller
- B. Data Subject
- C. Data Processor
- D. Either A or B
Answer: A
Explanation:
Section: Privacy Fundamentals
NEW QUESTION 31
As part of the environment scanning to identify security risks to personal information, which of the following environments would be least relevant for the organization?
- A. Client's environment
- B. Organization's own environment
- C. Service provider's environment
- D. Government agencies' environment which seek lawful access to personal data
Answer: D
NEW QUESTION 32
In the wake of privacy-related concerns arising from various policies around the world, which of the following has not driven increased regulatory responses?
- A. Data privacy professionals are in high demand
- B. Rapid growth of social networking sites, which are used to share a lot of personal information
- C. Information about individuals having a greater economic value
- D. Data flows across borders and outsourcing in a globalized world
Answer: A
Explanation:
Rising demand of data privacy professionals is not concern.
NEW QUESTION 33
According to The Information Technology (Reasonable Security Practices And Procedures and Sensitive Data or Information) Rules, 2011, which of the following does not fall under the category of Sensitive Personal Data or Information?
- A. Medical records and history
- B. Password
- C. Sexual orientation
- D. Religious Beliefs
Answer: B
Explanation:
Section: Privacy Principles and Laws
Explanation/Reference: https://www.mondaq.com/india/data-protection/626190/information-technology-reasonable-security- practices-and-procedures-and-sensitive-personal-data-or-information-rules-2011
NEW QUESTION 34
Which of the following provides the legal basis for an Adjudicating Officer in every Indian state & union
territory, with the powers of a civil court, to hear complaints and order compensation to the affected
individuals?
- A. Indian Criminal Procedure Code
- B. Telecom Regulatory Authority of India (TRAI) Act
- C. Indian Civil Code
- D. Information Technology Act, 2000 & Information Technology (Amendment) Act, 2008
Answer: C
NEW QUESTION 35
Which of the following laid foundation for the development of OECD privacy principles for the promotion of free international trade and trans border data flows?
- A. WTO's Free Trade Agreement
- B. Safe Harbor Framework
- C. Fair information Privacy Practices of US, 1974
- D. EU Data Protection Directive
Answer: D
NEW QUESTION 36
A ministry under government of India plans to collect citizens' information related to their education, medical
condition, economic status, caste and religion. As per the privacy requirements mentioned under Sec 43A of
IT (Amendment) Act, 2008, the citizens' 'Consent' would be mandatory for which of the following elements
before their collection?
- A. Sec 43A may not be applicable
- B. Educational records
- C. Medical condition
- D. Caste and religion
Answer: C
NEW QUESTION 37
Companies based in EU and willing to transfer data outside the EU/EEA, use model contracts as an instrument.
Which of the following statements are true in reference to above statement?
- A. It is a requirement mentioned in the OECD Privacy Framework
- B. It is a requirement mentioned in the EU E-Commerce Directive
- C. It is a requirement mentioned in EU Data Protection Directive
- D. None of the above
Answer: D
Explanation:
Section: Privacy Principles and Laws
NEW QUESTION 38
If XYZ & Co. collects, stores and processes personal information of living persons, electronically in a structured filing system, then XYZ could be a:
- A. Data Controller
- B. Data Subject
- C. Data Processor
- D. Either A or B
Answer: A
NEW QUESTION 39
Which of the following privacy regulation advocates de-identification of personal information?
- A. Canada's PIPEDA
- B. IT Act of India
- C. EU Data Protection Directive
- D. Australia's ANPP
Answer: C
Explanation:
Section: Privacy Principles and Laws
NEW QUESTION 40
Under which of the following conditions can a company in India may transfer sensitive personal information
(SPI) to any other company or a person in India, or located in any other country?
- A. The transfer of information is allowed only after taking approval of DeitY (Department of Electronics &
Information Technology) in India - B. The transfer of information is allowed only after taking approval of Chief Information Commissioner of
India - C. The transfer may be allowed only if it is necessary for the performance of the lawful contract or where
the data subject has consented to data transfer - D. Transfer of information is allowed to those who ensure the same level of data protection that is adhered
to by the company as provided for under the Indian laws
Answer: D
NEW QUESTION 41
What is not a compulsory pre-requisite before a company with headquarters in the EU transfers sensitive personal data to its Asian subsidiaries?
- A. Data subjects are notified
- B. Self-certifying to Safe Harbor practices and reporting to Federal Trade Commission
- C. Performing a risk assessment for the processing involved
- D. Assessing the country's adequacy
Answer: B
NEW QUESTION 42
'Challenging Compliance' as a privacy principle is covered in which of the following data protection/ privacy act?
- A. UK Data Protection Act, 2018
- B. Singapore Data Protection Act, 2012
- C. Federal Data Protection Act, Germany (BDSG)
- D. Personal Information Protection and Electronic Documents Act (PIPEDA)
Answer: D
Explanation:
Section: Privacy Principles and Laws
NEW QUESTION 43
A Privacy Impact Assessment (PIA) should ideally accomplish which of the following goals?
- A. To evaluate processes for handling personal information for mitigating potential privacy risks
- B. To acknowledge the organization's role in collecting personal identifiable information
- C. To comply with ISO 27001:2013 standard
- D. To determine the risks and effects of collecting, storing and distributing personal information
Answer: A
Explanation:
Reference: https://www.state.gov/privacy/pias/index.htm
NEW QUESTION 44
Complete the sentence:
The Gramm-Leach-Bliley Act (GLBA) of US regulates the privacy practices adopted by financial institutions,
requiring them to provide adequate security of the customer records. It lays various obligations on the financial
institutions but allows such financial institutions to share the non-public information of customers (after
properly notifying their consumers in a manner mentioned in the Act) with
- A. Its affiliates only after obtaining explicit consent from the consumers
- B. Its affiliates after obtaining explicit permission of Federal Trade Commission
- C. Its affiliates after disclosure in initial and annual GLBA privacy notices
- D. Its affiliates without need for obtaining explicit consent from the consumers for sharing their data
Answer: A
NEW QUESTION 45
......
How much DSCI DCPP-01 Privacy Professional Certification Cost
The exam fee for the AWS Solutions Architect Associate certification exam is $150, and you can also take a preparation exam that costs $20. Whereas, for the professional level examination, the fee is $300. For more information related to exam price, please visit the official website AWS Website as the cost of exams may be subjected to vary county-wise.
Most Reliable DSCI DCPP-01 Training Materials: https://www.topexamcollection.com/DCPP-01-vce-collection.html
The Realest Study Materials DCPP-01 Dumps: https://drive.google.com/open?id=1TiKdphGmWDwhsewqxBlYcvyVJg6tgrUN

