CIPT Free Practice Test

Which of the following is considered a client-side IT risk?

1. A. Security policies focus solely on internal corporate obligations.
2. B. An organization increases the number of applications on its server.
3. C. An employee stores his personal information on his company laptop.
4. D. IDs used to avoid the use of personal data map to personal data in another database.

Correct Answer: C

What privacy risk is NOT mitigated by the use of encrypted computation to target and serve online ads?

1. A. The ad being served to the user may not be relevant.
2. B. The user’s sensitive personal information is used to display targeted ads.
3. C. The personal information used to target ads can be discerned by the server.
4. D. The user’s information can be leaked to an advertiser through weak de-identification techniques.

Correct Answer: D

Users of a web-based email service have their accounts breached through compromised login credentials. Which possible consequences of the breach illustrate the two categories of Calo’s Harm Dimensions?

1. A. Financial loss and blackmail.
2. B. Financial loss and solicitation.
3. C. Identity theft and embarrassment.
4. D. Identity theft and the leaking of information.

Correct Answer: D

Granting data subjects the right to have data corrected, amended, or deleted describes?

1. A. Use limitation.
2. B. Accountability.
3. C. A security safeguard
4. D. Individual participation

Correct Answer: D

What is the main reason a company relies on implied consent instead of explicit consent from a user to process her data?

1. A. The implied consent model provides the user with more detailed data collection information.
2. B. To secure explicit consent, a user's website browsing would be significantly disrupted.
3. C. An explicit consent model is more expensive to implement.
4. D. Regulators prefer the implied consent model.

Correct Answer: A