Leads4pass > DSCI > DSCI Certifications > DCPP-01 > DCPP-01 Online Practice Questions and Answers

DCPP-01 Online Practice Questions and Answers

Questions 4

A multinational company with operations in several parts within EU and outside EU, involves international data transfer of both its employees and customers. In some of its EU branches, which are relatively larger in size, the organization has a works council. Most of the data transferred is personal, and some of the data that the organization collects is sensitive in nature, the processing of some of which is also outsourced to its branches in Asian countries.

Which of the following are not mandatory pre-requisite before transferring sensitive personal data to its Asian branches?

A. Notifying the data subject

B. Conducting risk assessment for the processing involved

C. Determining adequacy status of the country

D. Self-certifying to Safe Harbor practices and reporting to Federal Trade Commission

Buy Now
Questions 5

If an entity operates a website designed for kids or a website that targets general audience but collects information from individuals known to be under age of 13 years, the entity must comply with requirements in the US.

A. Child online protection Act, 1998

B. Gramm-Leach-Bliley Act, 1999

C. Personal Information Protection and Electronic Documents Act (PIPEDA)

D. Sarbanes-Oxley Act, 2000

Buy Now
Questions 6

With reference to APEC privacy framework, which of the following statements are true?

A. The APEC Privacy Framework is intended to promote a flexible approach to information privacy protection across APEC members, while at the same time avoiding the creation of needless barriers to information flows.

B. The APEC framework is detailed and prescribes stringent controls that need to be implemented for trans-border data flows to initiate.

C. Companies can be certified by attested third parties for compliance to requirements mentioned under APEC Privacy Framework.

D. Governments which are part of the APEC, authorize data transfer as per APEC privacy framework.

Buy Now
Questions 7

Provisions in which of the following legislations in India have or could have a direct conflict with an individual's privacy (though exceptions could have already been defined in the law)?

A. Right to Information (Amendment) Act, 2013

B. TheLokPal and LokaYuktas Act, 2013

C. National Food Security Act, 2013

D. Official Secrets Act, 1923

Buy Now
Questions 8

Which of the following has not been prescribed as a key principle in the White Paper on Data Protection Framework for India, by Justice Shri Krishna Committee?

A. Informed consent

B. Data minimization

C. Horizontal application

D. Preventing harm

Buy Now
Questions 9

BS 10012 is a British standard used to establish ___________.

A. Personal information management system

B. Privacy technology architecture

C. Privacy reference architecture

D. Privacy by design framework

Buy Now
Questions 10

As a newly-appointed Data Protection officer of an IT company gearing up for DSCI's privacy certification, you are trying to understand what data elements are involved in each of the business process, function and if these data elements can be classified as sensitive personal information.

What is being accomplished with this effort?

A. Organization to get "Visibility" over its exposure to sensitive personal information

B. It is a part of the annual exercise per the organization's privacy policy/ processes

C. Information security controls for confidential information being reviewed

D. Gathering inputs to restructure privacy function

Buy Now
Questions 11

ABC Health Care is a large healthcare delivery chain, with 8 hospitals and more than 20 health centers. It has decided to streamline its patient care system. The new system needs to integrate data from more than 20 clinical, scheduling, and billing systems. It needs to support all types of data-intensive projects, which includes masking sensitive health information.

You have been approached to address privacy concerns during integration of the new system. Arrange the below listed steps in sequential order for the most appropriate implementation of privacy protection measures.

I. Creating a privacy policy to safeguard the sensitive personal data

II. Measuring and monitoring privacy policy and processes implementation to provide ongoing proof that data has been protected

III. Defining and classifying sensitive personal data, including data and metadata patterns

IV.

Masking data consistently across the systems to meet various compliance standards

V.

Discovering where the sensitive personal data is stored across databases, applications, endpoints and servers

Please select the most logical sequence from below options:

A. II - I - IV - V

B. V - II - III - I - IV

C. III - V - I - IV - II

D. I - III - V - II - IV

Buy Now
Questions 12

A Data Loss Prevention (DLP) tool identifies a large number of medical records sent by an employee to a personal email address.

Which of the following is the most critical consideration while internally investigating this incident?

A. The domain of the recipient e-mail address

B. The gender of patients whose records were shared

C. The time of day the records were sent

D. The reason the records were emailed

Buy Now
Questions 13

Which of the following is outside the scope of an organization's privacy incident management plan?

A. Detection of leakage of personal information

B. Defining data access rules for business users

C. Communication of privacy incidents

D. Remediation of incidents

Buy Now
Exam Code: DCPP-01
Exam Name: DSCI certified Privacy Professional (DCPP)
Last Update: Jul 04, 2026
Questions: 162
10%OFF Coupon Code: SAVE10

PDF (Q&A)

$49.99

VCE

$55.99

PDF + VCE

$65.99