Isaca CDPSE Certification Practice Questions & Answers

Question 6 of 374

During the design of a role-based user access model for a new application, which of the following principles is MOST important to ensure data privacy is protected?

A.

Segregation of duties

B.

Unique user credentials

C.

Two-person rule

D.

Need-to-know basis

Question 7 of 374

Which of the following should FIRST be established before a privacy office starts to develop a data protection and privacy awareness campaign?

A.

Detailed documentation of data privacy processes

B.

Strategic goals of the organization

C.

Contract requirements for independent oversight

D.

Business objectives of senior leaders

Question 8 of 374

Which of the following features should be incorporated into an organization’s technology stack to meet privacy requirements related to the rights of data subjects to control their personal data?

A.

Providing system engineers the ability to search and retrieve data

B.

Allowing individuals to have direct access to their data

C.

Allowing system administrators to manage data access

D.

Establishing a data privacy customer service bot for individuals

Question 9 of 374

Which of the following is the GREATEST concern for an organization subject to cross-border data transfer regulations when using a cloud service provider to store and process data?

A.

The service provider has denied the organization’s request for right to audit.

B.

Personal data stored on the cloud has not been anonymized.

C.

The extent of the service provider’s access to data has not been established.

D.

The data is stored in a region with different data protection requirements.

Question 10 of 374

When configuring information systems for the communication and transport of personal data, an organization should:

A.

adopt the default vendor specifications.

B.

review configuration settings for compliance.

C.

implement the least restrictive mode.

D.

enable essential capabilities only.