CDPSE Practice Questions
437 real CDPSE exam questions with expert-verified answers and explanations. Page 8 of 9.
- Question #351Privacy Architecture
Which of the following controls BEST helps to maintain the integrity of customer information?
Data IntegrityHashingSecurity ControlsPrivacy-Enhancing Technologies - Question #352Privacy Governance
An organization's privacy office is planning to conduct privacy awareness training for all staff. Which of the following topics is MOST important to include to help improve data pr...
Privacy awareness trainingData classificationData protectionOrganizational practices - Question #353Privacy Governance
Which of the following should be done FIRST when creating specialized training for employees with key duties to protect personal data?
Training & AwarenessPrivacy Program ManagementRoles & ResponsibilitiesSkill Development - Question #354Data Life Cycle
An organization is considering the use of generative AI to create realistic marketing content, such as personalized product descriptions. Which of the following is the MOST importa...
Generative AI privacyData disclosureSensitive informationMarketing privacy - Question #355Data Life Cycle
In a system implementation project where production data must be used for testing, which of the following practices would MOST effectively protect customer data privacy?
Data obfuscationData privacyTesting dataData protection - Question #356Privacy Architecture
Which privacy-enhancing technology (PET) BEST enables third parties to process and manipulate data in its encrypted form?
Privacy-enhancing technologies (PETs)Homomorphic encryptionData processingEncrypted data computation - Question #357Privacy Architecture
Which of the following assurance approaches is MOST effective in identifying vulnerabilities within an application programming interface (API) transferring personal data?
API securitySource code reviewVulnerability assessmentData privacy - Question #358Privacy Architecture
Zero-knowledge proofs, secure multi-party computation, and homomorphic encryption are examples of:
Privacy-enhancing technologies (PETs)Zero-knowledge proofsSecure multi-party computationHomomorphic encryption - Question #359Privacy Governance
Consent MUST be obtained from a data subject when:
ConsentPurpose LimitationLegal Basis for ProcessingData Repurposing - Question #360Privacy Architecture
During which of the following system life cycle stages is it BEST to identify privacy controls for a machine learning (ML) model that consumes personal data?
Privacy by DesignML PrivacySystem Development Life Cycle (SDLC)Privacy Controls - Question #361Privacy Governance
Of the following, who is BEST suited to verify the quality of personal data following a merger and acquisition integration?
Data ownershipData qualityRoles and responsibilitiesM&A data integration - Question #362Data Life Cycle
Which type of information requires the HIGHEST level of protection from a privacy perspective?
Sensitive Personal InformationBiometric DataData ClassificationPrivacy Protection - Question #363Privacy Governance
A privacy practitioner has been asked to develop a privacy program for a client that has new privacy requirements due to its expansion into a new geographic region. Which of the fo...
Privacy program developmentRegulatory requirementsGeographic expansionCompliance strategy - Question #364Data Life Cycle
An organization is planning to implement an IT solution based on Internet of Things (IoT) tracking technology. Which of the following is the GREATEST risk associated with this solu...
IoT PrivacyPersonal Data SharingData Disclosure RiskPrivacy Risk Assessment - Question #365Privacy Governance
What solution set should an organization implement to BEST ensure its data privacy activities are being centralized?
GRCPrivacy program managementCentralizationPrivacy tools - Question #366Privacy Architecture
Which of the following domains is the foundation for the execution of all other security and privacy operations?
Asset ManagementFoundational ControlsPrivacy OperationsSecurity Operations - Question #367Data Life Cycle
Which of the following is the PRIMARY reason asset management is important to a privacy program?
Asset ManagementIncident ResponsePrivacy ProgramData Breach - Question #368Privacy Architecture
Which strategy would be MOST effective for an organization to enhance privacy in machine learning (ML) model deployment?
Machine Learning PrivacyDifferential PrivacyPrivacy-Enhancing Technologies (PETs)Model Deployment - Question #369Data Life Cycle
Which of the following provides the MOST useful information when determining the scope of a privacy audit?
Privacy auditAudit scopeData flow mappingData life cycle management - Question #370Privacy Architecture
Which of the following is the BEST source for forensic and analytic information when an organization is investigating suspicious activities from corporate-owned laptops?
Incident ResponseEndpoint SecurityForensic AnalysisSecurity Technologies - Question #371Privacy Architecture
Which of the following is a privacy-enhancing technology (PET)?
Privacy-Enhancing Technologies (PETs)Synthetic dataData anonymization - Question #372Privacy Architecture
Which of the following BEST illustrates privacy by design in the development of a consumer mobile application?
Privacy by DesignConsent ManagementMobile Application PrivacyData Sharing Controls - Question #373Privacy Architecture
Which of the following can BEST identify failures of enterprise architecture (EA) to support privacy by design principles?
Privacy by DesignPrivacy Impact Assessment (PIA)Enterprise ArchitecturePrivacy Risk Management - Question #374Privacy Governance
Which of the following artifacts is MOST important for demonstrating compliance with privacy regulations when deploying off-premise cloud solutions?
Privacy Impact Assessment (PIA)Cloud PrivacyCompliance DemonstrationPrivacy Regulations - Question #375Privacy Governance
Which of the following is MOST important for an organization to include in its website's cookie policy?
Cookie policyTransparencyInformed consentData collection purpose - Question #376Privacy Architecture
Which of the following is the MOST important privacy consideration when selecting a system architecture for a human resources information system?
Privacy by DesignSystem ArchitectureRegulatory ComplianceData Protection - Question #377Privacy Governance
A request for consent to collect personal data MUST:
Consent managementData collectionPrivacy regulationsLegal compliance - Question #378Privacy Governance
Which of the following characteristics of a cloud service provider (CSP) poses the GREATEST privacy-related compliance risk?
Cloud PrivacyThird-Party Risk ManagementCompliance AuditingContractual Privacy Clauses - Question #379Data Life Cycle
Which of the following practices BEST indicates an organization follows the data minimization principle?
Data MinimizationPrivacy PrinciplesData RetentionData Review - Question #380Privacy Architecture
Which of the following is the BEST way to identify vulnerabilities in an organization's web application that processes personal data?
Application Security TestingDASTVulnerability IdentificationWeb Application Security - Question #381Privacy Architecture
When capturing browsing and purchase data from consumers visiting a corporate website more than once, which of the following metadata-based technologies is typically used to identi...
HTTP cookiesWeb trackingConsumer identificationOnline privacy - Question #382Privacy Governance
Which of the following BEST enables an organization to manage privacy risk consistently over time?
Privacy risk managementRisk mitigation trackingPrivacy program managementContinuous monitoring - Question #383Privacy Architecture
An organization is implementing database servers that will store personal data within a hosting environment. Which of the following is MOST important to incorporate to help ensure...
System hardeningDatabase securityTechnical controlsPersonal data protection - Question #384Data Life Cycle
Which of the following strategies BEST mitigates the risks associated with exploiting the capabilities of generative AI for cyberattacks?
Generative AICybersecurityRisk MitigationData Validation - Question #385Privacy Governance
An organization identifies a risk that data subject access requests may not be managed within the regulatory timeline. The organization decides to outsource the data subject access...
Risk ManagementRisk ResponseOutsourcingData Subject Rights - Question #386Data Life Cycle
Which of the following is the FIRST step to protect data subject privacy when planning the deployment of a public monitoring system?
Privacy Impact AssessmentPrivacy by DesignPrivacy Risk ManagementData Protection Planning - Question #387Privacy Governance
Which of the following is the MOST important course of action to establish an effective process for identifying and managing privacy risk across an organization?
Privacy risk managementRisk management frameworkPrivacy program establishmentPrivacy governance - Question #388Data Life Cycle
An assessment of an organization's cloud infrastructure has determined that for some services, the metadata of some transactions is transmitted through different jurisdictions. Whi...
Privacy Risk AssessmentCross-border Data TransfersCloud PrivacyMetadata Protection - Question #389Privacy Governance
Which of the following is the BEST approach for an organization looking to share privacy risk?
Third-party risk managementData sharing agreementsContractsRisk allocation - Question #390Data Life Cycle
Which of the following MOST effectively ensures data privacy when sharing datasets for machine learning (ML) model training?
Data PrivacyData AnonymizationData SharingMachine Learning - Question #391Privacy Governance
Which of the following is the MOST important consideration when processing personal data for an AI project?
Legal BasisData ProcessingAI PrivacyCompliance - Question #392Privacy Governance
An organization is considering whether to expand its operations into additional international jurisdictions. After performing a privacy risk assessment, the organization decides no...
Privacy Risk ManagementRisk ResponseRisk AvoidanceStrategic Decision-Making - Question #393Data Life Cycle
Which of the following would BEST ensure privacy when utilizing AI-based technologies?
Data MinimizationAI PrivacyPrivacy-Enhancing TechnologiesPrivacy by Design - Question #394Privacy Architecture
Which of the following privacy-enhancing technologies (PETs) is MOST effective for ensuring individual data records cannot be linked back to specific individuals in a dataset?
Privacy-enhancing technologies (PETs)Differential privacyRe-identification preventionData de-identification - Question #395Privacy Architecture
Which of the following can be used to assist with identity verification without access to the actual data?
Zero-knowledge proofsIdentity verificationPrivacy-enhancing technologiesCryptography - Question #396Privacy Governance
Which of the following is MOST suitable for facilitating and reporting to senior management on the enterprise privacy posture over time?
Continuous MonitoringPrivacy ReportingSenior Management ReportingPrivacy Posture - Question #397Privacy Architecture
Which of the following is the BEST way to ensure privacy is embedded into the training of an AI model?
AI PrivacySynthetic DataPrivacy-Enhancing Technologies (PETs)Privacy by Design - Question #398Privacy Governance
Which of the following is the BEST approach for an organization that wants to transfer risk associated with a potential breach involving customer personal data?
Risk managementRisk transferCyber insurance - Question #399Privacy Governance
A staffing agency collects a broad scope of data on candidates (including education, credit, and medical history). This may violate which of the following data privacy principles?
Data minimizationPrivacy principlesData collection - Question #400Privacy Architecture
Which of the following can BEST help an organization ensure that it maintains accurate and up- to-date data inventory records?
Data inventoryAutomated data discoveryData classificationPrivacy enhancing technologies