CIPP-US Dumps PDF New [2021] Ultimate Study Guide [Q66-Q91]

CIPP-US Exam Dumps PDF Updated Dump from VCEDumps Guaranteed Success


IAPP CIPP-US: Certified Information Privacy Professional/United States (CIPP/US) Certification Path

The IAPP CIPP-US: Certified Information Privacy Professional/United States (CIPP/US) certification is one of the major certifications offered by the IAPP, focusing mainly on data privacy. There is no prerequisite for this exam, but it is the right option for professionals who are keen to work in data privacy and want to learn how to keep data records safe. For more information on the IAPP certification track, see IAPP-certification-path.

 

NEW QUESTION 66
U.S. federal laws protect individuals from employment discrimination based on all of the following EXCEPT?

  • A. Marital status.
  • B. Genetic information.
  • C. Pregnancy.
  • D. Age.

Answer: C

 

NEW QUESTION 67
SCENARIO
Please use the following to answer the next QUESTION
Noah is trying to get a new job involving the management of money. He has a poor personal credit rating, but he has made better financial decisions in the past two years.
One potential employer, Arnie's Emporium, recently called to tell Noah he did not get a position. As part of the application process, Noah signed a consent form allowing the employer to request his credit report from a consumer reporting agency (CRA). Noah thinks that the report hurt his chances, but believes that he may not ever know whether it was his credit that cost him the job. However, Noah is somewhat relieved that he was not offered this particular position. He noticed that the store where he interviewed was extremely disorganized. He imagines that his credit report could still be sitting in the office, unsecured.
Two days ago, Noah got another interview for a position at Sam's Market. The interviewer told Noah that his credit report would be a factor in the hiring decision. Noah was surprised because he had not seen anything on paper about this when he applied.
Regardless, the effect of Noah's credit on his employability troubles him, especially since he has tried so hard to improve it. Noah made his worst financial decisions fifteen years ago, and they led to bankruptcy. These were decisions he made as a young man, and most of his debt at the time consisted of student loans, credit card debt, and a few unpaid bills - all of which Noah is still working to pay off. He often laments that decisions he made fifteen years ago are still affecting him today.
In addition, Noah feels that an experience investing with a large bank may have contributed to his financial troubles. In 2007, in an effort to earn money to help pay off his debt, Noah talked to a customer service representative at a large investment company who urged him to purchase stocks. Without understanding the risks, Noah agreed. Unfortunately, Noah lost a great deal of money.
After losing the money, Noah was a customer of another financial institution that suffered a large security breach. Noah was one of millions of customers whose personal information was compromised. He wonders if he may have been a victim of identity theft and whether this may have negatively affected his credit.
Noah hopes that he will soon be able to put these challenges behind him, build excellent credit, and find the perfect job.
Consumers today are most likely protected from situations like the one Noah had buying stock because of which federal action or legislation?

  • A. Federal Trade Commission investigations into "unfair and deceptive" acts or practices.
  • B. The creation of the Consumer Financial Protection Bureau.
  • C. Investigations of "abusive" acts and practices under the Dodd-Frank Wall Street Reform and Consumer Protection Act.
  • D. The rules under the Fair Debt Collection Practices Act.

Answer: C

 

NEW QUESTION 68
When does the Telemarketing Sales Rule require an entity to share a do-not-call request across its organization?

  • A. When a call is not the result of an error or other unforeseen cause
  • B. When the operational structures of its divisions are not transparent
  • C. When the entity manages user preferences through multiple platforms
  • D. When the goods and services sold by its divisions are very similar

Answer: A

 

NEW QUESTION 69
If an organization maintains data classified as high sensitivity in the same system as data classified as low sensitivity, which of the following is the most likely outcome?

  • A. The impact of an organizational data breach will be more severe than if the data had been segregated.
  • B. Temporary employees will be able to find the data necessary to fulfill their responsibilities.
  • C. The organization will be able to address legal discovery requests efficiently without producing more information than necessary.
  • D. The organization will still be in compliance with most sector-specific privacy and security laws.

Answer: C

 

NEW QUESTION 70
The Video Privacy Protection Act of 1988 restricted which of the following?

  • A. When downloading of copyrighted audio visual materials is allowed
  • B. Who advertisements for videos and video games may target
  • C. When a user's viewing of online video content can be monitored
  • D. Which purchase records of audio visual materials may be disclosed

Answer: D

 

NEW QUESTION 71
SCENARIO
Please use the following to answer the next QUESTION
Felicia has spent much of her adult life overseas, and has just recently returned to the U.S. to help her friend Celeste open a jewelry store in California. Felicia, despite being excited at the prospect, has a number of security concerns, and has only grudgingly accepted the need to hire other employees. In order to guard against the loss of valuable merchandise, Felicia wants to carefully screen applicants. With their permission, Felicia would like to run credit checks, administer polygraph tests, and scrutinize videos of interviews. She intends to read applicants' postings on social media, ask questions about drug addiction, and solicit character references. Felicia believes that if potential employees are serious about becoming part of a dynamic new business, they will readily agree to these requirements.
Felicia is also in favor of strict employee oversight. In addition to protecting the inventory, she wants to prevent mistakes during transactions, which will require video monitoring. She also wants to regularly check the company vehicle's GPS for locations visited by employees. She also believes that employees who use their own devices for work-related purposes should agree to a certain amount of supervision.
Given her high standards, Felicia is skeptical about the proposed location of the store. She has been told that many types of background checks are not allowed under California law. Her friend Celeste thinks these worries are unfounded, as long as applicants verbally agree to the checks and are offered access to the results. Nor does Celeste share Felicia's concern about state breach notification laws, which, she claims, would be costly to implement even on a minor scale. Celeste believes that even if the business grows a customer database of a few thousand, it's unlikely that a state agency would hassle an honest business if an accidental security incident were to occur.
In any case, Celeste feels that all they need is common sense - like remembering to tear up sensitive documents before throwing them in the recycling bin. Felicia hopes that she's right, and that all of her concerns will be put to rest next month when their new business consultant (who is also a privacy professional) arrives from North Carolina.
Which law will be most relevant to Felicia's plan to ask applicants about drug addiction?

  • A. The Genetic Information Nondiscrimination Act of 2008.
  • B. The Health Insurance Portability and Accountability Act (HIPAA).
  • C. The Occupational Safety and Health Act (OSHA).
  • D. The Americans with Disabilities Act (ADA).

Answer: D

 

NEW QUESTION 72
A law enforcement agency subpoenas the ACME telecommunications company for access to text message records of a person suspected of planning a terrorist attack. The company had previously encrypted its text message records so that only the suspect could access this data.
What law did ACME violate by designing the service to prevent access to the information by a law enforcement agency?

  • A. SCA
  • B. USA Freedom Act
  • C. CALEA
  • D. ECPA

Answer: C

Explanation/Reference: https://www.nap.edu/read/11896/chapter/11#283

 

NEW QUESTION 73
An organization self-certified under Privacy Shield must, upon request by an individual, do what?

  • A. Provide the identities of third parties with whom the organization shares personal information.
  • B. Suspend the use of all personal information collected by the organization to fulfill its original purpose.
  • C. Identify all personal information disclosed during a criminal investigation.
  • D. Provide the identities of third and fourth parties that may potentially receive personal information.

Answer: A

 

NEW QUESTION 74
Smith Memorial Healthcare (SMH) is a hospital network headquartered in New York and operating in 7 other states. SMH uses an electronic medical record to enter and track information about its patients. Recently, SMH suffered a data breach where a third-party hacker was able to gain access to the SMH internal network.
Because it is a HIPAA-covered entity, SMH made a notification to the Office of Civil Rights at the U.S. Department of Health and Human Services about the breach.
Which statement accurately describes SMH's notification responsibilities?

  • A. If SMH is compliant with HIPAA, it will not have to make a separate notification to individuals in the state of New York.
  • B. If SMH must make a notification in any other state in which it operates, it must also make a notification to individuals in New York.
  • C. If SMH has more than 500 patients in the state of New York, it will need to make separate notifications to these patients.
  • D. If SMH makes credit monitoring available to individuals who inquire, it will not have to make a separate notification to individuals in the state of New York.

Answer: B

 

NEW QUESTION 75
Which law provides employee benefits, but often mandates the collection of medical information?

  • A. The Family and Medical Leave Act.
  • B. The Occupational Safety and Health Act.
  • C. The Americans with Disabilities Act.
  • D. The Employee Medical Security Act.

Answer: C

 

NEW QUESTION 76
SCENARIO
Please use the following to answer the next QUESTION
Otto is preparing a report to his Board of Directors at Filtration Station, where he is responsible for the privacy program. Filtration Station is a U.S. company that sells filters and tubing products to pharmaceutical companies for research use. The company is based in Seattle, Washington, with offices throughout the U.S. and Asia. It sells to business customers across both the U.S. and the Asia-Pacific region. Filtration Station participates in the Cross-Border Privacy Rules system of the APEC Privacy Framework.
Unfortunately, Filtration Station suffered a data breach in the previous quarter. An unknown third party was able to gain access to Filtration Station's network and was able to steal data relating to employees in the company's Human Resources database, which is hosted by a third-party cloud provider based in the U.S. The HR data is encrypted. Filtration Station also uses the third-party cloud provider to host its business marketing contact database. The marketing database was not affected by the data breach. It appears that the data breach was caused when a system administrator at the cloud provider stored the encryption keys with the data itself.
The Board has asked Otto to provide information about the data breach and how updates on new developments in privacy laws and regulations apply to Filtration Station. They are particularly concerned about staying up to date on the various U.S. state laws and regulations that have been in the news, especially the California Consumer Privacy Act (CCPA) and breach notification requirements.
What can Otto do to most effectively minimize the privacy risks involved in using a cloud provider for the HR data?

  • A. Negotiate a Business Associate Agreement with the cloud provider to protect any health-related data employees might share with Filtration Station.
  • B. Obtain express consent from employees for storing the HR data in the cloud and keep a record of the employee consents.
  • C. Request that the Board sign off in a written document on the choice of cloud provider.
  • D. Ensure that the cloud provider abides by the contractual requirements by conducting an on-site audit.

Answer: D

 

NEW QUESTION 77
Within what time period must a commercial message sender remove a recipient's address once they have asked to stop receiving future e-mail?

  • A. 7 days
  • B. 21 days
  • C. 15 days
  • D. 10 days

Answer: D

 

NEW QUESTION 78
All of the following common law torts are relevant to employee privacy under US law EXCEPT?

  • A. Conversion.
  • B. Infliction of emotional distress.
  • C. Intrusion upon seclusion.
  • D. Defamation.

Answer: C

 

NEW QUESTION 79
In what way is the Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act intended to help consumers?

  • A. By requiring companies to allow consumers to opt-out of future e-mails.
  • B. By providing consumers with free spam-filtering software.
  • C. By prohibiting companies from sending objectionable content through unsolicited e-mails.
  • D. By requiring a company to receive an opt-in before sending any advertising e-mails.

Answer: C

 

NEW QUESTION 80
In 2012, the White House and the FTC both issued reports advocating a new approach to privacy enforcement that can best be described as what?

  • A. Harm-based.
  • B. Self-regulatory.
  • C. Notice and choice.
  • D. Comprehensive.

Answer: B

 

NEW QUESTION 81
SCENARIO
Please use the following to answer the next QUESTION:
Larry has become increasingly dissatisfied with his telemarketing position at SunriseLynx, and particularly with his supervisor, Evan. Just last week, he overheard Evan mocking the state's Do Not Call list, as well as the people on it. "If they were really serious about not being bothered," Evan said, "They'd be on the national DNC list. That's the only one we're required to follow. At SunriseLynx, we call until they ask us not to." Bizarrely, Evan requires telemarketers to keep records of recipients who ask them to call "another time." This, to Larry, is a clear indication that they don't want to be called at all. Evan doesn't see it that way.
Larry believes that Evan's arrogance also affects the way he treats employees. The U.S. Constitution protects American workers, and Larry believes that the rights of those at SunriseLynx are violated regularly. At first Evan seemed friendly, even connecting with employees on social media. However, following Evan's political posts, it became clear to Larry that employees with similar affiliations were the only ones offered promotions.
Further, Larry occasionally has packages containing personal-use items mailed to work. Several times, these have come to him already opened, even though his name was clearly marked. Larry thinks the opening of personal mail is common at SunriseLynx, and that Fourth Amendment rights are being trampled under Evan's leadership.
Larry has also been dismayed to overhear discussions about his coworker, Sadie. Telemarketing calls are regularly recorded for quality assurance, and although Sadie is always professional during business, her personal conversations sometimes contain sexual comments. This too is something Larry has heard Evan laughing about. When he mentioned this to a coworker, his concern was met with a shrug. It was the coworker's belief that employees agreed to be monitored when they signed on. Although personal devices are left alone, phone calls, emails and browsing histories are all subject to surveillance. In fact, Larry knows of one case in which an employee was fired after an undercover investigation by an outside firm turned up evidence of misconduct. Although the employee may have stolen from the company, Evan could have simply contacted the authorities when he first suspected something amiss.
Larry wants to take action, but is uncertain how to proceed.
Which act would authorize Evan's undercover investigation?

  • A. The Stored Communications Act (SCA)
  • B. The Fair and Accurate Credit Transactions Act (FACTA)
  • C. The National Labor Relations Act (NLRA)
  • D. The Whistleblower Protection Act

Answer: C

 

NEW QUESTION 82
Which of the following became the first state to pass a law specifically regulating the practices of data brokers?

  • A. Vermont.
  • B. New York.
  • C. California.
  • D. Washington.

Answer: A

Explanation/Reference: https://www.natlawreview.com/article/ringing-2019-new-state-privacy-and-data-security-laws-impacting-data-brokers-and

 

NEW QUESTION 83
What practice does the USA FREEDOM Act NOT authorize?

  • A. An increase in the maximum penalty for material support to terrorism
  • B. The bulk collection of telephone data and internet metadata
  • C. An extension of the expiration for roving wiretaps
  • D. Emergency exceptions that allow the government to target roamers

Answer: D

 

NEW QUESTION 84
What are banks required to do under the Gramm-Leach-Bliley Act (GLBA)?

  • A. Offer an Opt-Out before transferring PI to an unaffiliated third party for the latter's own use
  • B. Process requests for changes to user preferences within a designated time frame
  • C. Conduct annual consumer surveys regarding satisfaction with user preferences
  • D. Provide consumers with the opportunity to opt out of receiving telemarketing phone calls

Answer: A

 

NEW QUESTION 85
Who has rulemaking authority for the Fair Credit Reporting Act (FCRA) and the Fair and Accurate Credit Transactions Act (FACTA)?

  • A. The Federal Trade Commission
  • B. State Attorneys General
  • C. The Department of Commerce
  • D. The Consumer Financial Protection Bureau

Answer: D

Explanation/Reference: https://www.ftc.gov/enforcement/statutes/fair-accurate-credit-transactions-act-2003

 

NEW QUESTION 86
Which authority supervises and enforces laws regarding advertising to children via the Internet?

  • A. The Department of Homeland Security
  • B. The Federal Trade Commission
  • C. The Office for Civil Rights
  • D. The Federal Communications Commission

Answer: B

 

NEW QUESTION 87
Which of the following best describes the Asia-Pacific Economic Cooperation (APEC) principles?

  • A. A bill of rights for individuals seeking access to their personal information.
  • B. An international court ruling on personal information held in the commercial sector.
  • C. A baseline of marketers' minimum responsibilities for providing opt-out mechanisms.
  • D. A code of responsibilities for medical establishments to uphold privacy laws.

Answer: A

Explanation/Reference: http://documents1.worldbank.org/curated/en/751621525705087132/text/WPS8431.txt

 

NEW QUESTION 88
A large online bookseller decides to contract with a vendor to manage Personal Information (PI). What is the least important factor for the company to consider when selecting the vendor?

  • A. The vendor's employee retention rates
  • B. The vendor's reputation
  • C. The vendor's employee training program
  • D. The vendor's financial health

Answer: D

 

NEW QUESTION 89
According to the FTC Report of 2012, what is the main goal of Privacy by Design?

  • A. Implementing a system of standardization for privacy notices
  • B. Obtaining consumer consent when collecting sensitive data for certain purposes
  • C. Establishing a system of self-regulatory codes for mobile-related services
  • D. Incorporating privacy protections throughout the development process

Answer: D

 

NEW QUESTION 90
Based on the 2012 Federal Trade Commission report "Protecting Consumer Privacy in an Era of Rapid Change", which of the following directives is most important for businesses?

  • A. Integrating privacy protections during product development.
  • B. Announcing the tracking of online behavior for advertising purposes.
  • C. Allowing consumers to opt in before collecting any data.
  • D. Mitigating harm to consumers after a security breach.

Answer: D

 

NEW QUESTION 91
......


What is the duration, language, and format of the IAPP CIPP-US: Certified Information Privacy Professional/United States (CIPP/US) Exam?

  • Passing score: 85%
  • Language: English (U.S.), French, German
  • Length of Examination: 150 minutes
  • Number of Questions: 90
  • Format: Multiple choice, multiple answers

 

Pass Your IAPP Exam with CIPP-US Exam Dumps: https://prep4sure.vcedumps.com/CIPP-US-examcollection.html