Weekend Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sntaclus

examout.co

Which of the following is not required by an organization in US, resorting to EU-US Safe Harbor provisions, to transfer personal information from EU member nation to US?

A.

Adherence to the seven safe harbor principles

B.

Disclose their privacy policy publicly

C.

Sign standard contractual clauses with data exporters in EU

D.

Notify FTC of the self-certification

For negligence in implementing and maintaining the reasonable security practices and procedures for protecting Sensitive Personal Data or Information (SPDI) as mentioned in Section 43A and associated rules under IT (Amendment) Act, 2008, a corporate entity may be liable to pay compensation of up to___________

A.

Rs. 50,000,000

B.

Rs. 500,000,000

C.

Rs. 5,000,000

D.

Upper limit not defined

A public domain or freely accessible piece of information cannot be construed as sensitive personal data or information under Indian law.

A.

FALSE

B.

TRUE

According to EU authorities, which country has yet to receive adequacy status?

A.

Argentina

B.

Canada

C.

Brazil

D.

New Zealand

As a privacy assessor, what would most likely be the first artifact you would ask for while assessing an organization which claims that it has implemented a privacy program?

A.

Privacy risk management framework

B.

Records of privacy specific training imparted to the employees handling personal information

C.

Personal information management policy

D.

Records of deployed privacy notices and statements

According to which of the following data privacy laws does "challenging compliance" fall under?

A.

PIPEDA

B.

Federal Data Protection Act

C.

UK Data Protection Act

D.

APEC Framework

What of the following is a lawful basis under Article 6 of the General Data Protection Regulation, 2016?

A.

Legitimate Interest

B.

Consent

C.

Legal Obligation

D.

Vital Interest

E.

Performance of Contract

In the wake of privacy-related concerns arising from various policies around the world, which of the following has not driven increased regulatory responses?

A.

Data privacy professionals are in high demand

B.

Data flows across borders and outsourcing in a globalized world

C.

Rapid growth of social networking sites, which are used to share a lot of personal information

D.

Information about individuals having a greater economic value

Regarding projects such as Aadhaar, the National Population Register (NPR), etc. that involve national government projects specific to India, which of the following statements is accurate?

A.

Citizens can choose not to submit their biometric details to the environment and can complete the process without providing their biometrics

B.

Prior to and during collection of data, data subjects are not properly notified

C.

In India, biometric data collection is a statutory requirement

D.

Once their personal information has been shared with the project, data subjects are not limited in how they can exercise control over how it will be used

Among the following options, which would be the most appropriate for the transfer of Personal and Sensitive data from an EU company to another organization outside the EU?

A.

The person transferring data to the destination country must inform the data protection commissioner, while the person exporting the data must notify the European Commission.

B.

This case is not covered by the EU directive.

C.

Putting in place suitable model contractual clauses is the vendor's responsibility in the third country.

D.

A data exporter needs to create model contractual clauses after obtaining approvals from the data protection commissioner.