Isaca CDPSE - Certified Data Privacy Solutions Engineer Exam
Page: 1 / 57
Total 285 questions
Question #1 (Topic: Exam A)
What should be the PRIMARY consideration of a multinational organization deploying a user and entity behavior analytics (UEBA) tool to centralize the monitoring of anomalous employee behavior?
A. Cross-border data transfer
B. Support staff availability and skill set
C. User notification
D. Global public interest
Answer: A
Question #2 (Topic: Exam A)
Which of the following should be the FIRST consideration when conducting a privacy impact assessment (PIA)?
A. The applicable privacy legislation
B. The quantity of information within the scope of the assessment
C. The systems in which privacy-related data is stored
D. The organizational security risk profile
Answer: C
Question #3 (Topic: Exam A)
Which of the following BEST represents privacy threat modeling methodology?
A. Mitigating inherent risks and threats associated with privacy control weaknesses
B. Systematically eliciting and mitigating privacy threats in a software architecture
C. Reliably estimating a threat actor’s ability to exploit privacy vulnerabilities
D. Replicating privacy scenarios that reflect representative software usage
Answer: A
Question #4 (Topic: Exam A)
An organization is creating a personal data processing register to document actions taken with personal data. Which of the following categories should document controls relating to periods of retention for personal data?
A. Data archiving
B. Data storage
C. Data acquisition
D. Data input
Answer: A
Question #5 (Topic: Exam A)
Data collected by a third-party vendor and provided back to the organization may not be protected according to the organization’s privacy notice. Which of the following is the BEST way to address this concern?
A. Review the privacy policy.
B. Obtain independent assurance of current practices.
C. Re-assess the information security requirements.
D. Validate contract compliance.
Answer: D
