10年以上のビジネス経験により、当社のCIPP-USテストトレントは、顧客の購入体験を非常に重要視していました。電子製品の購入速度を心配する必要はありません。弊社では、CIPP-US試験準備の信頼性を長期間にわたって評価および評価し、保証された購入スキームを提案するために尽力しています。必要な場合は、CIPP-USテストトレントを使用するためのリモートオンラインガイダンスも利用できます。通常、購入後数分でCIPP-US練習問題を効率よく取得できます。
IAPP CIPP-US試験は、90問の選択式問題で構成され、個人は2.5時間で試験を完了する必要があります。試験は、米国のプライバシー法規制、プライバシープログラムのガバナンス、データ漏えい、職場におけるプライバシー問題の4つの主要カテゴリをカバーしています。試験に合格するためには、500点満点中300点以上のスコアが必要です。
IAPP CIPP-US認定試験は、米国のプライバシー法と規制を扱う専門家向けに、国際プライバシー専門家協会(IAPP)が提供する資格です。この試験は、米国のプライバシー法と規制の複雑で進化する景観をナビゲートするために必要な知識とスキルをテストするように設計されています。
CertJukenはきみのIT夢に向かって力になりますよ。IAPPのCIPP-USの認証そんなに人気があって、CertJukenも君の試験に合格するために全力で助けてあげて、またあなたを一年の無料なサービスの更新を提供します。明日の成功のためにCertJukenを選らばましょう。
CIPP/US認定試験は、米国の個人情報の管理に関与している専門家向けに特別に設計されています。この認定は、ヘルスケア、金融、技術、政府など、さまざまな業界で働く個人を対象としています。この試験は、組織が適用されるプライバシー法と規制に準拠していることを確認する責任がある弁護士、コンサルタント、プライバシー担当者にも適しています。
質問 # 53
SCENARIO
Please use the following to answer the next QUESTION :
A US-based startup company is selling a new gaming application. One day, the CEO of the company receives an urgent letter from a prominent EU-based retail partner. Triggered by an unresolved complaint lodged by an EU resident, the letter describes an ongoing investigation by a supervisory authority into the retailer's data handling practices.
The complainant accuses the retailer of improperly disclosing her personal data, without consent, to parties in the United States. Further, the complainant accuses the EU-based retailer of failing to respond to her withdrawal of consent and request for erasure of her personal dat a. Your organization, the US-based startup company, was never informed of this request for erasure by the EU-based retail partner. The supervisory authority investigating the complaint has threatened the suspension of data flows if the parties involved do not cooperate with the investigation. The letter closes with an urgent request: "Please act immediately by identifying all personal data received from our company." This is an important partnership. Company executives know that its biggest fans come from Western Europe; and this retailer is primarily responsible for the startup's rapid market penetration.
As the Company's data privacy leader, you are sensitive to the criticality of the relationship with the retailer.
Under the General Data Protection Regulation (GDPR), how would the U.S.-based startup company most likely be classified?
正解:D
解説:
Processor is the answer and correct based on the fact that the EU retailer was collecting consents and sending data internationally to US. The distractor of lack of consent and the instruction somehow implied that it now needs to be adhered to by the processor despite controller EU Retailer messing up should be mindfully sidestepped. Supervisor and Controller are synonymous with both terms used in the GDPR. Data manager is not a term used in GDPR.
質問 # 54
Which jurisdiction must courts have in order to hear a particular case?
正解:A
解説:
In order for a court to hear a case, it must have both personal jurisdiction and subject matter jurisdiction. Personal jurisdiction refers to the authority of a court over the parties to a case, while subject matter jurisdiction refers to the authority of a court to hear a particular type of case. For example, a federal court may have subject matter jurisdiction over a case involving a federal law, but it may not have personal jurisdiction over a defendant who has no contacts with the state where the court is located. Similarly, a state court may have personal jurisdiction over a resident of the state, but it may not have subject matter jurisdiction over a case involving a foreign treaty.
質問 # 55
Which of the following best describes private-sector workplace monitoring in the United States?
正解:B
解説:
In the United States, there is no comprehensive federal law that regulates employee monitoring in the private sector. Instead, there are various federal and state laws that address specific aspects of monitoring, such as electronic communications, video surveillance, GPS tracking, and biometric data. Generally, these laws provide more protection for employees' privacy when they are using their own devices or personal accounts, or when they are outside of work hours or premises. However, when employees are using company-owned devices or accounts, or when they are performing work- related tasks, employers have broad authority to monitor their activities, as long as they have a legitimate business interest and do not violate any specific laws.
Employers are also advised to inform employees of their monitoring practices and obtain their consent, either explicitly or implicitly, to avoid potential legal disputes or employee backlash.
質問 # 56
When does the Telemarketing Sales Rule require an entity to share a do-not-call request across its organization?
正解:A
解説:
* The Telemarketing Sales Rule (TSR) is a federal regulation that implements the Telemarketing and Consumer Fraud and Abuse Prevention Act of 1994. The TSR aims to protect consumers from deceptive or abusive telemarketing practices, such as unwanted calls, false or misleading claims, unauthorized billing, and privacy violations1.
* The TSR requires telemarketers and sellers to comply with the National Do Not Call Registry, which is a list of phone numbers of consumers who have indicated that they do not want to receive telemarketing calls2.
* The TSR also requires telemarketers and sellers to honor the do-not-call requests of individual consumers, regardless of whether their numbers are on the National Do Not Call Registry or not2.
* A do-not-call request is a statement made by a consumer, either orally or in writing, that they do not wish to receive any more calls from a specific telemarketer or seller2.
* The TSR requires an entity to share a do-not-call request across its organization when the operational
* structures of its divisions are not transparent to consumers3. This means that the entity must treat the do-not-call request as if it applies to all of its affiliates and subsidiaries that engage in telemarketing, unless the consumer would reasonably expect them to be separate and distinct entities based on their names, products, or services3.
* The TSR does not require an entity to share a do-not-call request across its organization in the following situations:
* When the goods and services sold by its divisions are very similar. This is not a relevant factor for determining whether the entity must share a do-not-call request across its organization. The key factor is whether the consumers can distinguish between the different divisions based on their operational structures3.
* When a call is not the result of an error or other unforeseen cause. This is not an exception to the requirement to honor a do-not-call request. The TSR prohibits telemarketers and sellers from calling a consumer who has made a do-not-call request, unless the call falls under one of the specific exemptions, such as calls from or on behalf of tax-exempt nonprofit organizations, calls to consumers with whom the seller has an established business relationship, or calls to consumers who have given prior express written consent2.
* When the entity manages user preferences through multiple platforms. This is not an excuse for not sharing a do-not-call request across its organization. The TSR requires telemarketers and sellers to maintain an internal do-not-call list of consumers who have asked them not to call again, and to update the list at least once every 31 days2. The entity must ensure that the do-not-call request is recorded and communicated across all of its platforms that are used for telemarketing purposes3.
References: 1: Telemarketing Sales Rule 2: Q&A for Telemarketers & Sellers About DNC Provisions in TSR 3: Federal Register :: Telemarketing Sales Rule
質問 # 57
A law enforcement subpoenas the ACME telecommunications company for access to text message records of a person suspected of planning a terrorist attack. The company had previously encrypted its text message records so that only the suspect could access this data.
What law did ACME violate by designing the service to prevent access to the information by a law enforcement agency?
正解:B
質問 # 58
......
CIPP-US勉強の資料: https://www.certjuken.com/CIPP-US-exam.html
1800 889 0262
info@kakinfotech.com
Nehru Place, New Delhi, India
© 2023 Studison. All Rights Reserved | Powered by kakinfotech.com
