Certified Data Privacy Solutions Engineer-CDPSE Quiz Questions and Answers

Answer :
  • conduct focus group to discuss possible avenue of approach

Explanation :

Organizational culture is powerful, as it reflects how people think and work. In this example, there is no mention that the strong culture is bad, only that it is casual. Punishing people for their behavior may cause resentment, a revolt, or the loss of good employees who decide to leave the organization. The best approach here is to try to understand the culture and work with people in the organization to figure out how a culture of privacy and security can be introduced successfully.
Answer :
  • confusion as the classification scheme is too complicated

Explanation :

A data classification policy with 12 different classifications is going to be confusing for most any workforce to adopt. First, workers will probably have trouble correctly classifying data in every instance. Next, the handling procedures are likely going to be lengthy, since presumably, they will differ somehow for each classification. A better approach is a simpler scheme with no more than four classification levels.
Answer :
  • Retain expert privacy counsel to opine on applicability and interpretation

Explanation :

When a new privacy regulation is passed, particularly one that is extraterritorial, the best first step for an organization to take is to obtain qualified expert legal counsel to help the organization better understand the applicability of the new regulation and to interpret the regulation so that the organization can understand what changes to processes and systems are necessary to comply.
Answer :
  • Remote systems not on VPN will not be protected by the network-based IPS

Explanation :

Network-based IPS protects only those devices on the internal network. Devices connected via VPN will also be protected during VPN sessions, provided the VPN does not permit split tunneling. A better solution for a remote workforce is agent/cloud-based IPS that is built into each endpoint, so that they are protected regardless of location.
Answer :
  • traffic on open Wi-Fi network is not encrypted

Explanation :

Open Wi-Fi networks do not encrypt over-the-air traffic—it is transmitted in plaintext. Although some protocols such as HTTPS are encrypted, many other protocols are not. Because it is easy to eavesdrop on all users’ network traffic on an open Wi-Fi network, it is important to set up a VPN session so that all traffic will be encrypted.
Answer :
  • None of these

Explanation :

By itself, a privacy policy tells someone little about an organization’s privacy practices. An organization’s policy is only a collection of statements; without examining business processes, business records, and interviewing personnel, a privacy professional cannot develop any conclusions about an organization’s privacy practices.
Answer :
  • Security hardening of the hypervisor layer

Explanation :

The primary concern in a physical-to-virtual migration is the security of the hypervisor. If the hypervisor is not hardened, it could be compromised, which could lead to the compromise of guest OSs. Security concerns will be exactly the same for operating systems that are copied into the virtualization environment.
Answer :
  • Remove or anonymize the data subject's personal information as permitted by another applicable law

Explanation :

The organization may proceed with the data subject’s data removal request, provided that there are no other laws requiring the retention of this information. For example, banks are typically not permitted to remove financial records for current or former customers.
Answer :
  • Forbid the collection of the additional PII fields

Explanation :

According to data minimization principles, specific personal information fields should not be collected from data subjects unless there is a clear and present need for their use. Otherwise, such collection introduces additional risk without any benefit.
Answer :
  • DLP Discovery

Explanation :

DLP discovery is the correct class of tooling to determine the extent to which PII exists on unstructured file shares. DLP discovery tools scan file shares, looking for specific patterns that indicate sensitive or personal information.