DSCI DCPP-01 Exam Practice Test Instant Access

Question 1

A company collects personal information about its employees and requests them to provide accurate information in order to avail benefits such as life insurance and medical insurance. Employees of the company have raised concerns about use of their personal information. Due to the concerns, the company has decided to create a privacy policy. What all should the company include in its privacy policy to address the raised concerns?

AThe purpose of collection of personal data

BThe principle of presumed consent for data disclosure to avail benefits

CInformation about how personal information is processed and used, specifically

DContact details of Law Enforcement Agencies (LEA) to whom information is disclosed

Answer : C

Question 2

A non-public document issued by a data controller that directs data processors to adhere to certain privacy principles while processing personal information may be referred to as:

APrivacy Policy

BPrivacy Statement

CPrivacy Notice

DSecurity Policy

Answer : C

Question 3

A Privacy Impact Assessment (PIA) should ideally accomplish which of the following goals?

ATo determine the risks and effects of collecting, storing and distributing personal information

BTo evaluate processes for handling personal information for mitigating potential privacy risks

CTo acknowledge the organization's role in collecting personal identifiable information

DTo comply with ISO 27001:2013 standard

Answer : B

Question 4

After the rules were notified under section 43A of the IT (Amendment) Act, 2008, a clarification was issued by the government which exempted the service providers, which get access to/processes Sensitive Personal Data or information (SPDI) under contractual agreement with a legal entity located within or outside Indi

a. Which privacy principle provisions notified under Sec 43A were exempted for the service providers?

AConsent

BPrivacy policy (which is published)

CAccess and Correction

DDisclosure of information

Answer : A

Question 5

In India, who among the following would be the authorized legal entities to monitor and intercept communication of individuals?

A''Intermediaries'' as defined under the IT (Amendment) Act, 2008

BTelecom Service Providers

CIntelligence and Law Enforcement Agencies

DDirectorate of Revenue Intelligence (DRI)

Answer : C

Section 69 - Power to issue directions for interception or monitoring or decryption of any information through any computer resource.--(1) Where the Central Government or a State Government or any of its officers specially authorised by the Central Government or the State Government, as the case may be, in this behalf may, if satisfied that it is necessary or expedient so to do, in the interest of the sovereignty or integrity of India, defence of India, security of the State, friendly relations with foreign States or public order or for preventing incitement to the commission of any cognizable offence relating to above or for investigation of any offence, it may subject to the provisions of sub-section (2), for reasons to be recorded in writing, by order, direct any agency of the appropriate Government to intercept, monitor or decrypt or cause to be intercepted or monitored or decrypted any information generated, transmitted, received or stored in any computer resource.

Question 6

If XYZ & Co. collects, stores and processes personal information of living persons, electronically in a structured filing system, then XYZ could be a:

AData Processor

BData Controller

CData Subject

DEither A or B

Answer : B

Question 7

Regulations that apply to the processing of personal data of natural persons that fall under the following categories:

AEU Citizens

BAll of the above

CResident of anywhere in the world

DEU Residents

Answer : D

Page no 4 of PBok Addendum: The EU GDPR is applicable to all EU residents. The usage of the term 'residents' is to be noted -- it means that the resident need not be a citizen of any EU member state. It could be any individual who resides in the EU.

DSCI Certified Privacy Professional DCPP-01 Exam Practice Test