The purpose of this Sample Question Set is to provide you with information about the IAPP Certified Information Privacy Professional/Europe (CIPP-E) exam. These sample questions will make you very familiar with both the type and the difficulty level of the questions on the CIPP-E certification test. To get familiar with real exam environment, we suggest you try our Sample IAPP Information Privacy Professional/Europe Certification Practice Exam. This sample practice exam gives you the feeling of reality and is a clue to the questions asked in the actual IAPP Certified Information Privacy Professional/Europe (CIPP-E) certification exam.
These sample questions are simple and basic questions that represent likeness to the real IAPP Certified Information Privacy Professional/Europe exam questions. To assess your readiness and performance with real-time scenario based questions, we suggest you prepare with our Premium IAPP CIPP-E Certification Practice Exam. When you solve real time scenario based questions practically, you come across many difficulties that give you an opportunity to improve.
IAPP CIPP-E Sample Questions:
a) That it essentially functions as a one-stop shop mechanism
b) That it takes the form of a Regulation as opposed to a Directive
c) That it makes notification of large-scale data breaches mandatory
d) That it makes appointment of a data protection officer mandatory
02. Which institution has the power to adopt findings that confirm the adequacy of the data protection level in a non-EU country?
a) The European Parliament
b) The European Commission
c) The Article 29 Working Party
d) The European Council
03. What type of data lies beyond the scope of the General Data Protection Regulation?
a) Pseudonymized
b) Encrypted
c) Anonymized
d) Masked
04. Under what circumstances would the GDPR apply to personal data that exists in physical form, such as information contained in notebooks or hard copy files?
a) Only where the personal data is produced as a physical output of specific automated processing activities, such as printing, labelling, or stamping.
b) Only where the personal data is to be subjected to specific computerized processing, such as image scanning or optical character recognition.
c) Only where the personal data is treated by automated means in some way, such as computerized distribution or filing.
d) Only where the personal data is handled in a sufficiently structured manner so as to form part of a filing system.
05. A key component of the OECD Guidelines is the "Individual Participation Principle". What parts of the General Data Protection Regulation (GDPR) provide the closest equivalent to that principle?
a) The lawful processing criteria stipulated by Articles 6 to 9
b) The rights granted to data subjects under Articles 12 to 22
d) The information requirements set out in Articles 13 and 14
06. What is true of both the General Data Protection Regulation (GDPR) and the Council of Europe Convention 108?
a) Both govern international transfers of personal data
b) Both require notification of processing activities to a supervisory authority
c) Both only apply to European Union countries
d) Both govern the processing of personal data, including international transfers
07. Which of the following would most likely NOT be covered by the definition of "personal data" under the GDPR?
a) The payment card number of a Dutch citizen
b) The U.S. social security number of an American citizen living in France
c) The unlinked aggregated data used for statistical purposes by an Italian company
d) The identification number of a German candidate for a professional examination in Germany
08. How is the retention of communications traffic data for law enforcement purposes addressed by European data protection law?
a) The ePrivacy Directive allows individual EU member states to engage in such data retention.
b) The ePrivacy Directive harmonizes EU member states’ rules concerning such data retention.
c) The Data Retention Directive’s annulment makes such data retention now permissible.
d) Retention is governed by national law implementing the Law Enforcement Directive, not the GDPR.
09. Which of the following would MOST likely trigger the extraterritorial effect of the GDPR, as specified by Article 3?
a) Personal data of EU residents being processed by a non-EU business that targets EU customers.
c) The behavior of EU citizens outside the EU being monitored by non-EU law enforcement bodies.
d) The behavior of suspected terrorists being monitored by EU law enforcement bodies.
10. What is an important difference between the European Court of Human Rights (ECHR) and the Court of Justice of the European Union (CJEU) in relation to their roles and functions?
a) ECHR can rule on issues concerning privacy as a fundamental right, while the CJEU cannot.
b) CJEU can hear appeals on human rights decisions made by national courts, while the ECHR cannot.
c) CJEU can force national governments to implement and honor EU law, while the ECHR cannot.
d) ECHR can enforce human rights laws against governments that fail to implement them, while the CJEU cannot.
Answers:
|
Question: 01 Answer: a |
Question: 02 Answer: b |
Question: 03 Answer: c |
Question: 04 Answer: d |
Question: 05 Answer: b |
|
Question: 06 Answer: d |
Question: 07 Answer: c |
Question: 08 Answer: d |
Question: 09 Answer: a |
Question: 10 Answer: c |
Note: For any error in IAPP Certified Information Privacy Professional/Europe (CIPP-E) certification exam sample questions, please update us by writing an email on feedback@certfun.com.
