Download EXIN Privacy and Data Protection Foundation.PDPF.TestKing.2018-12-05.17q.vcex

Vendor: Exin
Exam Code: PDPF
Exam Name: EXIN Privacy and Data Protection Foundation
Date: Dec 05, 2018
File Size: 14 KB

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Demo Questions

Question 1
A person finds that a private videotape showing her in a very intimate situation has been published on a website. She never consented to publication and demands that the video is being removed without undue delay. 
According to the GDPR, what should be done next? 
  1. Nothing. The video may be regarded as ‘news’ and, therefore, the website is only exercising its right to freedom of expression and information.
  2. The controller erases the video from the website and, when possible, informs any controller who might process the same video, that it must be erased.
  3. The controller erases the video from the website. There is no obligation however, to inform others who might have copied it, that it should be erased.
Correct answer: B
Question 2
For processing of personal data to be legal, a number of requirements must be fulfilled. 
What is a requirement for lawful personal data processing?
  1. A ‘code of conduct’, describing what the processing exactly entails, must be in place.
  2. The data subject must have given consent, prior to the processing to begin.
  3. The processing must be reported to and allowed by the Data Processing Authority
  4. There must be a legitimate ground for the processing of personal data.
Correct answer: D
Explanation:
Question 3
Under what EU legislation is data transfer between the EEA and the U.S.A. allowed?
  1. An adequacy decision based on the Privacy Shield program
  2. An adequacy decision by reason of US domestic legislation
  3. The Transatlantic Trade an Investment Partnership (TTIP)
  4. The U.S.A.’s commitment to join the European Economic Area
Correct answer: A
Explanation:
Reference: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu_en
Reference: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu_en
Question 4
Someone regularly receives offers from a store where he purchased something five years ago. He wants the company to stop sending offers and to wipe his personal data. 
Which aspect of the rights of a data subject in the General Data Protection Regulation (GDPR) requires the company to comply?
  1. The right to erasure
  2. The right to rectification
  3. The right to restriction of processing
  4. The right to withdraw consent
Correct answer: D
Explanation:
Reference: https://gdpr-info.eu/art-7-gdpr/
Reference: https://gdpr-info.eu/art-7-gdpr/
Question 5
Important technical requirements set out in the General Data Protection Regulation (GDPR) are about data quality. One is the obligation to ensure appropriate security, including protection against unauthorized or unlawful processing. 
What is another important technical requirement?
  1. To ascertain that personal data collection is adequate, relevant and limited to what is necessary in relation to the purposes 
  2. To control that data collected for specified, explicit and legitimate purposes is not further processed for other purposes
  3. To keep personal data accurate and up to date, ensuring that inaccurate data are erased or rectified without delay
  4. To make sure that personal data is processed lawfully, fairly and in transparent manner in relation to the data subject
Correct answer: A
Explanation:
Reference: http://www.privacy-regulation.eu/en/article-5-principles-relating-to-processing-of-personal-data-GDPR.htm
Reference: http://www.privacy-regulation.eu/en/article-5-principles-relating-to-processing-of-personal-data-GDPR.htm
Question 6
According to the GDPR, what is a mandatory topic in a DPIA report?
  1. Systematic description of the fiduciary duties to ensure compliance to all relevant laws and regulations
  2. An assessment of the necessity and proportionality of the processing operations in relation to the purposes
  3. The documentation of the risks to the rights and freedoms of the data protection officer
  4. The measures envisaged to address the privacy compliance frameworks risks
Correct answer: B
Question 7
What is the role of the one assigned the responsibility to govern the purposes and means of processing personal data within an organization, according to the GDPR? 
  1. Controller
  2. Data Protection Officer
  3. Data Subject
  4. Processor
Correct answer: A
Explanation:
Reference: https://www.i-scoop.eu/gdpr/data-controller-data-controller-duties/
Reference: https://www.i-scoop.eu/gdpr/data-controller-data-controller-duties/
Question 8
A personal data breach has occurred and the controller is writing a draft notification for the Supervisory Authority. The document describes the nature of the breach and its possible consequences. It also contains information on the parties that can provide additional information on the data breach to the Supervisory Authority. 
What other information should the controller add?
  1. Information of local and national authorities that have been informed about the data breach.
  2. Name and contact details of the data subjects whose data may be breached.
  3. Suggested measures to mitigate the adverse consequences of the data breach.
  4. The information needed to access the personal data that has been breached.
Correct answer: A
Question 9
The General Data Protection Regulation (GDPR) formalizes the data subject’s right to data portability. 
What is the objective of data portability?
  1. The controller has the right to move the data subject’s personal data from one organization to another.
  2. The data subject has the right to move personal data concerning him or her.
  3. The data subject has the right to move his/her personal data when moving to another country. 
  4. The Supervisory Authority authorizes the movement of personal data.
Correct answer: B
Question 10
The General Data Protection Regulation (GDPR) is based on the principles of proportionality and subsidiarity. 
What is the meaning of ‘proportionality’ in this context?
  1. Personal data can only be processed in accordance with the purpose specification.
  2. Personal data cannot be re-used without explicit and informed consent.
  3. Personal data may only be processed in case there are no other means to achieve the purposes.
  4. Personal data must be adequate, relevant and not excessive in relation to the purposes.
Correct answer: C
Explanation:
Reference: https://edps.europa.eu/data-protection/our-work/subjects/necessity-proportionality_en
Reference: https://edps.europa.eu/data-protection/our-work/subjects/necessity-proportionality_en
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!