CertsTopics Logo

Labour Day Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

DSCI DCPP-01 Dumps

Page: 1 / 5
Total 122 questions
Get DCPP-01 Full Access Download DCPP-01 PDF

DSCI certified Privacy Professional (DCPP) Questions and Answers

Question 1

In India, who among the following would be the authorized legal entities to monitor and intercept communication of individuals?

Options:

A.

“Intermediaries” as defined under the IT (Amendment) Act, 2008

B.

Telecom Service Providers

C.

Intelligence and Law Enforcement Agencies

D.

Directorate of Revenue Intelligence (DRI)

Question 2

Technological advancement is inevitable and the speed of change is exponential. In such a scenario, which of the following statement is not true for defining the relationship between privacy protection and technology advancement, both at individual and corporate levels?

Options:

A.

Maintaining privacy is difficult with emerging platforms and services

B.

Maintaining privacy is difficult, as exercising complete control over personal information in online environment is an uphill task

C.

Technology advancements and privacy protection are independent concepts that are not related

D.

Maintaining privacy in cyberspace becomes easier with proper use of tools and technologies

Question 3

Which of the following does not fall under the category of Personal Financial Information (PFI)?

Options:

A.

Credit card number with expiry date

B.

Bank account Information

C.

Loan account Information

D.

Income tax return file acknowledgement number

Question 4

If XYZ & Co. collects, stores and processes personal information of living persons, electronically in a structured filing system, then XYZ could be a:

Options:

A.

Data Processor

B.

Data Controller

C.

Data Subject

D.

Either A or B

Question 5

What does PHI stand for, as per HIPAA/ HITECH?

Options:

A.

Personal heuristic information

B.

Public health information

C.

Protected health information

D.

Personal health information

Question 6

Under which of the following conditions can a government department refuse to release information under the provisions of RTI Act?

Options:

A.

Adverse impact of such information on the stability of the ruling party in government

B.

Adverse impact of such information on national security

C.

Adverse impact of such information on personal privacy of its officials if it does not satisfy the public interest at large

D.

Adverse impact of such information on the public image of the government department

Question 7

The Indian cancer-treatment hospital Mumbai Hospital has organized a free health checkup for women in a specific district after securing adequate permission from the appropriate authority. During the camp the hospital staffs will be feeding. A computer connected to the hospital network system stores the medical records of these women. Are the participants at this camp required to be informed of the hospital's privacy policy and asked to consent to its collection and processing of personal information?

Options:

A.

Certainly, in a language that they would understand

B.

Yes, in any language the hospital desires

C.

They won't, since it's a free health camp for them

D.

The law does not require the same in this case

Question 8

When sharing personal information (of the data subject) with third parties for processing, which of the following privacy principles includes informed consent?

Options:

A.

Disclosure of information

B.

Collection limitation

C.

Accountability

D.

Purpose limitation

Question 9

De-identification of personal information is advocated by which of the following privacy regulations?

Options:

A.

IT Act of India

B.

Australia's ANPP

C.

EU Data Protection Directive

D.

Canada's PIPEDA

Question 10

According to the IT (Amendment) Act, 2008, a corporate entity could be liable to pay compensation for negligence in implementing and maintaining reasonable security practices and procedures in order to protect Sensitive Personal Data or Information. What is the amount of penalty?

Options:

A.

Upper limit not defined

B.

Rs. 5,000,000

C.

Rs. 50,000,000

D.

Rs. 500,000,000

Question 11

With respect to privacy notice, what are the responsibilities of data controller?

Options:

A.

Providing the notice before or during data collection

B.

Identifying and communication the purposes for which data will be collected, used, and disclosed

C.

Providing notice after the data collection

D.

Providing notice at every instance of data processing

Question 12

Health insurance firm based in the US uses BPM services provided by an Indian company. It was found that one of the employees of the Indian company exported customer data of the insurance company to another US-based insurance company. Under which of the below ground, the company and its executives in India were also subjected to legal action ?

Options:

A.

These actions were not avoided by using data loss prevention tools.

B.

No reasonable security practices were implemented to protect data.

C.

Employees of the company were allowed to view sensitive personal information.

D.

Background checks were not conducted on the individuals.

Question 13

Which of the following provides the legal basis for an Adjudicating Officer in every Indian state & union territory, with the powers of a civil court, to hear complaints and order compensation to the affected individuals?

Options:

A.

Indian Civil Code

B.

Indian Criminal Procedure Code

C.

Telecom Regulatory Authority of India (TRAI) Act

D.

Information Technology Act, 2000 & Information Technology (Amendment) Act, 2008

Question 14

Indian constitution does not expressly provide for the “right to privacy” to its citizens. However, there were various judicial pronouncements of the apex court which finally established the “right to privacy” as a fundamental right subsumed under Article 21 of the constitution of India. Article 21 inter alia provides and protects the __________________.

Options:

A.

Right to Life and Personal liberty

B.

Right to Opportunity

C.

Right to Freedom of Speech and Expression

D.

Right to Equality before law

Question 15

After the rules were notified under section 43A of the IT (Amendment) Act, 2008, a clarification was issued by the government which exempted the service providers, which get access to/processes Sensitive Personal Data or information (SPDI) under contractual agreement with a legal entity located within or outside India. Which privacy principle provisions notified under Sec 43A were exempted for the service providers?

Options:

A.

Consent

B.

Privacy policy (which is published)

C.

Access and Correction

D.

Disclosure of information

Question 16

Please select the incorrect statement in context of “Online Privacy”:

Options:

A.

A person’s act of ‘Selective disclosure” (of themselves) in an online environment

B.

A person’s concern over usage of information that were collected during an online activity

C.

A person’s control over collection of information during an online activity

D.

A person’s concern on the software licensing agreement they sign with any organization

Question 17

Which of the following privacy principle deals with informed consent of the data subject before sharing the personal information (of the data subject) to third parties for processing?

Options:

A.

Collection limitation

B.

Purpose limitation

C.

Disclosure of information

D.

Accountability

Question 18

A multinational company with operations in several parts within EU and outside EU, involves international data transfer of both its employees and customers. In some of its EU branches, which are relatively larger in size, the organization has a works council. Most of the data transferred is personal, and some of the data that the organization collects is sensitive in nature, the processing of some of which is also outsourced to its branches in Asian countries.

For exporting EU branch employees’ data to Asian Countries for processing, which of the following instruments could be used for legal data transfer?

Options:

A.

Customized contracts mandating ISO 27001 certification by the data processor

B.

Standard Contractual Clauses

C.

Binding Corporate Rules

D.

Safe Harbor

Page: 1 / 5
Total 122 questions
Get DCPP-01 Full Access Download DCPP-01 PDF