Best Practices: Email Deliverability and Privacy

Question 1

According to the 2014 Email Deliverability 101 report, how many opt-in marketing emails never make it to the in-box?

Answer 1

Over 20%.

Question 2

Where do emails that don’t make it to in-boxes end up?

Answer 2

In spam or junk folders, or are blocked by ISP-level filtering before even making it to the email address.

Question 3

What region had the highest rate of commercial emails delivered to the in-box?

Answer 3

Europe.

Question 4

Define email deliverability.

Answer 4

The process of putting your email marketing messages into the in-box of recipients.

Question 5

One of the key factors to successful email deliverability is creating email campaigns that are __________

Answer 5

relevant to your audience.

Question 6

Your ability to reach prospects’ in-box is tied to ___

Answer 6

deliverability and privacy.

Question 7

You are responsible for developing a comprehensive ___

Answer 7

privacy policy.

Question 8

You need to reduce the likelihood of _____, unsubscribes, bounces, and spam traps.

Answer 8

complaints

Question 9

You need to reduce the likelihood of complaints, ____, bounces, and spam traps.

Answer 9

unsubscribes

Question 10

You need to reduce the likelihood of complaints, unsubscribes, ___, and spam traps.

Answer 10

bounces

Question 11

You need to reduce the likelihood of complaints, unsubscribes, bounces, and ____.

Answer 11

spam traps.

Question 12

Your reputation as an _____ impacts your potential reach as a marketer.

Answer 12

email sender

Question 13

To understand your email service provider’s capabilities, you should (1) _________; (2) get proper counsel; (3) attain third-party certification as a trusted sender.

Answer 13

know privacy laws where you do business

Question 14

To understand your email service provider’s capabilities, you should (1) know privacy laws where you do business; (2) _____; (3) attain third-party certification as a trusted sender.

Answer 14

get proper counsel

Question 15

To understand your email service provider’s capabilities, you should (1) know privacy laws where you do business; (2) get proper counsel; (3) ______.

Answer 15

attain third-party certification as a trusted sender.

Question 16

Best practices for successful email deliverability: (1) ______, (2) Manage your email list, (3) Optimize your content.

Answer 16

Manage your reputation

Question 17

Best practices for successful email deliverability: (1) Manage your reputation, (2) _____, (3) Optimize your content.

Answer 17

Manage your email list

Question 18

Best practices for successful email deliverability: (1) Manage your reputation, (2) Manage your email list, (3) ______.

Answer 18

Optimize your content

Question 19

____ is based on your behavior as an email sender.

Answer 19

Sender reputation

Question 20

To manage your sender reputation, you need to know your __

Answer 20

Sender score

Question 21

Spam filtering has made a shift from _______ to a reputation based system.

Answer 21

content scoring

Question 22

To manage your email reputation, you need to control ______.

Answer 22

spam complaints.

Question 23

To keep spam complaints down and comply with regulations, you should ______

Answer 23

obtain recipient permissions.

Question 24

To see the data underlying your email sender score, you can _____

Answer 24

register at senderscore.org.

Question 25

Sender scores use the following data: (1) _____, (2) complaint rates (3) unknown user rates (4) infrastructure (5) spam trap hits (6) content

Answer 25

send volume

Question 26

Sender scores use the following data: (1) send volume, (2) _____ (3) unknown user rates (4) infrastructure (5) spam trap hits (6) content

Answer 26

complaint rates

Question 27

Sender scores use the following data: (1) send volume, (2) complaint rates (3) ____ (4) infrastructure (5) spam trap hits (6) content

Answer 27

unknown user rates

Question 28

Sender scores use the following data: (1) send volume, (2) complaint rates (3) unknown user rates (4) ___ (5) spam trap hits (6) content

Answer 28

infrastructure

Question 29

Sender scores use the following data: (1) send volume, (2) complaint rates (3) unknown user rates (4) infrastructure (5) ___ (6) content

Answer 29

spam trap hits

Question 30

Sender scores use the following data: (1) send volume, (2) complaint rates (3) unknown user rates (4) infrastructure (5) spam trap hits (6) _____

Answer 30

content

Question 31

Sender scores are based on a scale of

Answer 31

0 to 100

Question 32

If you would like to see your Sender Score, you must first know if…

Answer 32

you are using a Dedicated IP or a Shared IP

Question 33

If you are on the Shared IP range, can one company’s bad behavior affect another company’s sender score?

Answer 33

Yes.

Question 34

Besides senderscore.org, where can you find more statistical information on sender scores?

Answer 34

Eloqua Trust page.

Question 35

What did a Return Path study learn about messages sent by senders with a sender score lower than 50?

Answer 35

Over 85% of them were classified as spam.

Question 36

For webmail providers, a sender score of 90+ equals what average inbox rate?

Answer 36

84%

Question 37

What is the #1 global deliverability organization?

Answer 37

ReturnPath

Question 38

If your sender score is in the highest benchmark range of 90-100, what will your average deliverability rate be?

Answer 38

95%

Question 39

Where do most legitimate businesses fall in terms of sender score, and what does this mean for their average deliverability rate?

Answer 39

Most fall in the range between 60 and 89, and end up with an average deliverabiity rate of 68%.

Question 40

Sender Scores are based on what three key components?

Answer 40

Complaints, unknown users, and spam traps.

Question 41

What is the “unknown users” component of sender score?

Answer 41

The percentage of emails sent from an IP address to nonexistent addresses - aka hard bouncebacks.

Question 42

______ are dummy email addresses developed by ISP’s or anti-spam organizations to catch illegitimate emails.

Answer 42

Spam traps

Question 43

If your email is caught in a Spam Trap, ISPs send out a _____ message.

Answer 43

5XX Unknown User SMTP error message

Question 44

One Spam Trap can decrease your Sender Score and inbox placement rates by how much?

Answer 44

Your Sender Score can decrease by more than 20 points and your inbox placement rates can go to 81% and lower.

Question 45

Spam Traps can cause your ____ to become blacklisted.

Answer 45

Mailing IP’s and/or domains

Question 46

Membership in the ____ may be suspended for exceeding acceptable Span Trap thresholds.

Answer 46

Return Path Certification Program.

Question 47

Because identifying Spam Traps can be time consuming, you should narrow in on …

Answer 47

suspicious segments.

Question 48

For the most part, _____ are the primary source of Spam Trap addresses.

Answer 48

rented or purchased lists.

Question 49

You can manage Spam Traps by using an _____ filter to…

Answer 49

using an inactivity-based filter to filter out inactive contacts from your list.

Question 50

A ______ can check your lists against known spam trap addresses.

Answer 50

third-party service

Question 51

If you need more help with spam traps, consider using a…

Answer 51

Delivery Program Assistance incident.

Question 52

A Delivery Program Assistance incident is available as part of Eloqua’s…

Answer 52

Branding and Delivery Boost package.

Question 53

To control complaints, (1) monitor complaint trends and (2)

Answer 53

Avoid getting on blacklists.

Question 54

To control complaints, (1) ___ and (2) Avoid getting on blacklists.

Answer 54

monitor complaint trends

Question 55

As a best practice, keep a close eye on your complaints. When should you benchmark?

Answer 55

Every few months and/or when you email in large batches.

Question 56

A _____ is a list of IP addresses, URLs, or domain names that are to be avoided.

Answer 56

blacklist

Question 57

Blacklists are chiefly used to publish…

Answer 57

lists of addresses linked to spamming.

Question 58

tip 1 to remove yourself from a blacklist: (1) visit the link to the ______ that is included in the notification

Answer 58

blocking service

Question 59

tip 2 to remove yourself from a blacklist: (2) If the link to the blocking service is not provided, search your ___

Answer 59

Bounceback History report

Question 60

tip 3 to remove yourself from a blacklist: contact the _____ to discuss and identify the issue

Answer 60

ESP/ISP Postmaster

Question 61

How can you find out if you’re on a blacklist?

Answer 61

Use an online tool

Question 62

If you’ve been blocked via blacklist, you will typically…

Answer 62

receive a notification.

Question 63

___ is an email validation system, allowing admins to specify which hosts are allowed to send email from a given domain.

Answer 63

Sender Policy Framework (SPF)

Question 64

What does SPF stand for?

Answer 64

Sender Policy Framework

Question 65

SPF creates a specific ______ in your DNS settings.

Answer 65

SPF or TXT record

Question 66

When Eloqua is first installed, part of the implementation process involves setting your ____ to validate email spoofing.

Answer 66

SPF record details within the DNS settings on all sending domains.

Question 67

A _____ is a list of approved IP addresses and senders.

Answer 67

whitelist

Question 68

To get your IP address on a whitelist, you need to establish a track record as a ___

Answer 68

permission-based email marketer.

Question 69

_____ provides the certification to whitelist your IP address.

Answer 69

Return Path

Question 70

Does manually moving messages into the junk folder impact the complaint rate?

Answer 70

Not on a desktop client like Outlook, but it will on web clients like Gmail.

Question 71

The rate of email complaints _____ as the sender score rises.

Answer 71

falls dramatically

Question 72

To gain recipient permission, send emails only when ____

Answer 72

explicitly requested.

Question 73

To gain recipient permission, _____ neutral contacts.

Answer 73

target neutral contacts in an attempt to get them to opt-in.

Question 74

To gain recipient permission, ____ inactive contacts.

Answer 74

re-engage

Question 75

To gain recipient permission, _______ active opt-in contacts

Answer 75

strengthen your relationship with active opt-in contacts.

Question 76

To gain recipient permission, respect…

Answer 76

subscriber preferences about content and timing.

Question 77

When someone submits an email address in a web form, then submits that address again on a second page, it is referred to as…

Answer 77

double opt-in.

Question 78

When someone fills out a web form, then affirms their request again to be on your mailing list, it is referred to as…

Answer 78

confirmed opt-in.

Question 79

Spammers use the term _______ to refer to a situation where the subscriber was opted in without their consent, then “opted in” a second time by failing to unsubscribe.

Answer 79

double opt-in

Question 80

As a best practice, use the __ to increase the number of valid emails in your database.

Answer 80

Confirmed Opt-In

Question 81

Is Confirmed Opt-In widely used? Why or why not?

Answer 81

It is used by very few clients because of its impact on the subscription rates.

Question 82

To manage your email list, (1) ____, (2) perform IP warming, (3) process bouncebacks, (4) filter to find active contacts.

Answer 82

validate list sources.

Question 83

To manage your email list, (1) validate list sources, (2) perform IP warming, (3) _____, (4) filter to find active contacts.

Answer 83

process bouncebacks

Question 84

To manage your email list, (1) validate list sources, (2) perform IP warming, (3) process bouncebacks, (4) ___

Answer 84

filter to find active contacts.

Question 85

To manage your email list, (1) validate list sources, (2) _____, (3) process bouncebacks, (4) filter to find active contacts.

Answer 85

perform IP warming

Question 86

True or false: Best practice says do not buy or rent lists.

Answer 86

True.

Question 87

If you buy lists, understand (1) _____ (2) age and last usage date (3) how they monitor and remove complainers (4) how they verify and maintain opt-in statuses

Answer 87

source of data

Question 88

If you buy lists, understand (1) source of data (2) ________ (3) how they monitor and remove complainers (4) how they verify and maintain opt-in statuses

Answer 88

age and last usage date

Question 89

If you buy lists, understand (1) source of data (2) age and last usage date (3) ______ (4) how they verify and maintain opt-in statuses

Answer 89

how they monitor and remove complainers

Question 90

If you buy lists, understand (1) source of data (2) age and last usage date (3) how they monitor and remove complainers (4) ____

Answer 90

how they verify and maintain opt-in statuses

Question 91

Use Case - Eloqua’s marketing IP had been blocked on ____

Answer 91

SpamHaus

Question 92

Eloqua had to remove a purchased list from its database in its entirety, which meant…

Answer 92

they lost addresses they had paid for.

Question 93

Out of the SpamHaus incident, Eloqua’s ___ document was born.

Answer 93

Outside List Acquisition Best Practices document

Question 94

To perform IP warming, (1) send emails to all addresses in a phased manner and then remove hard bounces; (2) ______; (3) use recent contact info only; (4) use HTML with simple design; (4) review reports after each send.

Answer 94

confirm the list does not contain previously unsubscribed addresses

Question 95

To perform IP warming, (1) ______ (2) confirm the list does not contain previously unsubscribed addresses; (3) use recent contact info only; (4) use HTML with simple design; (4) review reports after each send.

Answer 95

send emails to all addresses in a phased manner and then remove hard bounces;

Question 96

To perform IP warming, (1) send emails to all addresses in a phased manner and then remove hard bounces; (2) confirm the list does not contain previously unsubscribed addresses; (3) use recent contact info only; (4) ______; (5) review reports after each send.

Answer 96

use HTML with simple design

Question 97

To perform IP warming, (1) send emails to all addresses in a phased manner and then remove hard bounces; (2) confirm the list does not contain previously unsubscribed addresses; (3) use recent contact info only; (4) use HTML with simple design; (5) _____.

Answer 97

review reports after each send

Question 98

To perform IP warming, (1) send emails to all addresses in a phased manner and then remove hard bounces; (2) confirm the list does not contain previously unsubscribed addresses; (3) _____; (4) use HTML with simple design; (4) review reports after each send.

Answer 98

use recent contact info only

Question 99

__ is the process of slowly introducing your new sender IP address by gradually increasing the volume of emails sent from that IP over a period of time.

Answer 99

IP warning

Question 100

Many companies skip the IP warming process. Why?

Answer 100

Because it may slow their sending for the first month.

Question 101

In IP warming, the first step uses content that is…

Answer 101

not time sensitive.

Question 102

3 good campaign types to use for IP warming are:

Answer 102

(1) a data harvest campaign, (2) a campaign to update subscription options, or (3) a simple newsletter campaign

Question 103

Step 2 in IP warming is to build a list of contacts that…

Answer 103

have explicitly opted-in.

Question 104

In the first week of IP warming, send the email to…

Answer 104

1% of your total list each day.

Question 105

In the second week of IP warming, send the email to..

Answer 105

3% of the list each day

Question 106

In the third week of IP warming, increase the email send to…

Answer 106

10% of the list each day.

Question 107

During IP warming, monitor and remove contacts who…

Answer 107

bounceback, unsubscribe, or complain.

Question 108

To manage lists successfully, (1) ____ (2) keep hard bouncebacks under 3% (3) monitor spam complaints and bounceback reports

Answer 108

remove hard bouncebacks from segment

Question 109

To manage lists successfully, (1) remove hard bouncebacks from segment (2) _____ (3) monitor spam complaints and bounceback reports

Answer 109

keep hard bouncebacks under 3%

Question 110

To manage lists successfully, (1) remove hard bouncebacks from segment (2) keep hard bouncebacks under 3% (3) ____

Answer 110

monitor spam complaints and bounceback reports

Question 111

Eloqua by default auto-suppresses any sends to a Contact flagged as a…

Answer 111

hard bounceback

Question 112

Not sending to hard bouncebacks supports…

Answer 112

reporting

Question 113

What timeframe do most Eloqua clients use to weed out inactive contacts?

Answer 113

3 - 6 months

Question 114

After __ unsuccessful attempts to engage contacts, it’s time to…

Answer 114

suppress them from future sends.

Question 115

To manage your content, (1) ______, (2) optimize relevancy and frequency, (3) review and refine content.

Answer 115

reinforce email expectations

Question 116

To manage your content, (1) reinforce email expectations, (2) ______, (3) review and refine content.

Answer 116

optimize relevancy and frequency

Question 117

To manage your content, (1) reinforce email expectations, (2) optimize relevancy and frequency, (3) ______.

Answer 117

review and refine content

Question 118

To reinforce email expectations, (1) ______, (2) send welcome messages, (3) check in with contacts periodically, (4) move subscription management options to upper half of your emails

Answer 118

communicate your privacy policy

Question 119

To reinforce email expectations, (1) communicate your privacy policy, (2) send welcome messages, (3) _____, (4) move subscription management options to upper half of your emails

Answer 119

check in with contacts periodically

Question 120

To reinforce email expectations, (1) communicate your privacy policy, (2) send welcome messages, (3) check in with contacts periodically, (4) ____

Answer 120

move subscription management options to upper half of your emails

Question 121

To reinforce email expectations, (1) communicate your privacy policy, (2) ____, (3) check in with contacts periodically, (4) move subscription management options to upper half of your emails

Answer 121

send welcome messages

Question 122

To optimize relevancy and frequency, use ___ to test frequency and determine the optimal mix for your target audience.

Answer 122

automated programs

Question 123

To optimize relevancy and frequency, ask subscribers for…

Answer 123

input and feedback.

Question 124

What should you strive for in bounce and complaint rates?

Answer 124

Bounce rate less than 3%, complaint rate less than 0.01%

Question 125

You should generate reports that provide insight into:

Answer 125

bounces, complaints, and unsubscribes

Question 126

Forrester’s Email Marketing Trends 2012 report shows what two are the leading reasons for unsubscribes?

Answer 126

Relevance at 31.4%, frequency at 30.7%

Question 127

In the ASCE case study, how did Eloqua help ASCE send to over 1.5 million contacts in 30 days with a 98% inbox acceptance rate?

Answer 127

(1) Analyzed lists, (2) optimized content, (3) sent emails in multiple small batches each day.

Question 128

The ______ report allows you to see the contacts that have bounced per email

Answer 128

Email Bounceback Overview

Question 129

The ___ report allows you to see specific bounceback error messages

Answer 129

Bounceback History with Messaging

Question 130

The __ report allows you to see bounceback messages generated by email sends by Sales reps

Answer 130

Sales Email Overview

Question 131

The ____ report allows you to see who has reported you as spam to their email provider

Answer 131

Spam Unsubscribe Report

Question 132

What are the three standard testing tools of Eloqua per email?

Answer 132

General Deliverability Test, Inbox Preview Test, and Spam Content Check

Question 133

To access the General Deliverability test from an email…

Answer 133

Action > Test Content and Deliverability

Question 134

Test Content and Deliverability allows external tests via ___

Answer 134

Return Path

Question 135

The _______ test sends your email to a variety of seed accounts and returns Inbox, Junk, and Missing percentages or each domain.

Answer 135

General Deliverability Test

Question 136

The output of the General Deliverability test is an __ that displays your deliverability percentages around the world.

Answer 136

an Excel file

Question 137

The Excel file that you get after running a General Deliverability Test shows what three statistics?

Answer 137

Inbox Percentage, Bulk Percentage, and Missing Percentage.

Question 138

“Missing” emails are what?

Answer 138

Emails that never made it to the Inbox or the Junk folders, which typically means they were blocked at the ISP level.

Question 139

The General Deliverability column that reads ISP also includes what else?

Answer 139

ESP’s and Spam filters

Question 140

The _____ report shows how emails will appear in a number of different email client inboxes.

Answer 140

Inbox Preview Test

Question 141

The ___ and the ____ run together

Answer 141

Inbox Preview Test and Spam Content Test

Question 142

The __ examines email performance against a range of commonly used email spam filters.

Answer 142

Spam Content Test

Question 143

The Spam Content Test evaluates your email for _____ words

Answer 143

spam-like words

Question 144

A link reputation check checks your email for…

Answer 144

links to questionable websites

Question 145

Which report shows information more on the bouncebacks themselves, and not the Contacts?

Answer 145

Bounceback History with Messaging

Question 146

Name three steps with regards to Email Deliverability Best Practices.

Answer 146

1. Manage your reputation, 2. Manage your email list, 3. Optimize your content

Question 147

What factors is your sender reputation based on?

Answer 147

Complaints, unknown users, and spam traps.

Question 148

Canada’s Anti-Spam Legislation is a __ available to everyone

Answer 148

Private Right of Action (PRA)

Question 149

True or false: CASL is not limited to email communications.

Answer 149

True. It includes all commercial electronic communication.

Question 150

True or false? CASL requires express affirmative consent, or opt-in.

Answer 150

True.

Question 151

True or false? CASL requires truthful headers like sender and subject line.

Answer 151

True.

Question 152

True or false? CASL permits you to alter transmission data.

Answer 152

False.

Question 153

True or false? CASL requires a conspicuous unsubscribe mechanism.

Answer 153

True.

Question 154

True or false? CASL requires you to include the postal address of the sender.

Answer 154

True.

Question 155

Under CASL, can you perform address harvesting or send to harvested addresses?

Answer 155

True.

Question 156

Who has liability under CASL?

Answer 156

Entities who knowingly allow spam to be sent on their behalf

Question 157

The CASL law accepts implied opt-in in what 3 situations?

Answer 157

(1) existing business relationship; (2) conspicuously published email addresses; (4) recipients have provided email address directly to sender

Question 158

Is it an existing business relationship if someone donates to, volunteers for, or becomes an official member of your organization?

Answer 158

No.

Question 159

What are CASL fines?

Answer 159

Up to $1 million per violation for individuals, up to $10 million per violation for businesses.

Question 160

To grow your database, adopt rigorous list management and acquisition practices, including:

Answer 160

a double opt-in or confirmed opt-in process.

Question 161

Keep opt-outs ______________

Answer 161

simple and easy to access

Question 162

A C-28 best practice is to include what kind of contact information in each email?

Answer 162

Company name, contact information and sender’s information if company is sending emails on your behalf?

Question 163

A C-28 best practice is to build your own list of …

Answer 163

permission-based contacts.

Question 164

In case your unsubscribe link is not working properly, you should include a….

Answer 164

phone number.

Question 165

CASL’s anti-spam provisions went into effect when?

Answer 165

July 1, 2014

Question 166

When do CASL’s installation of computer programs provisions go into effect?

Answer 166

January 15, 2015

Question 167

When do CASL’s Private Right of Action provisions take effect?

Answer 167

July 1, 2017

Question 168

For more info on CASL where can you go?

Answer 168

The Canadian Communications Law website.

Question 169

What are 3 things you should do today about CASL?

Answer 169

(1) Check if you have opt-in confirmation for Canadian contacts (2) if not, obtain explicit consent within 2 years (3) segment contacts by country

Question 170

What are penalties for CAN-SPAM violations

Answer 170

Up to $1 million or 5 years in prison

Question 171

For more info on CAN-SPAM where can you go?

Answer 171

Bureau of Consumer Protection Business Center

Question 172

CAN-SPAM prohibits the use of false or misleading _________

Answer 172

header information and subject lines

Question 173

True or false: CAN-SPAM requires you identify a message as an ad.

Answer 173

True.

Question 174

What are CAN-SPAM’s opt-out requirements?

Answer 174

Tell recipients how to opt out, and honor opt-out requests promptly

Question 175

Does CAN-SPAM require you to monitor what others are doing on your behalf?

Answer 175

Yes.

Question 176

What kind of contact information does CAN-SPAM require you to provide?

Answer 176

A valid physical postal address.

Question 177

Under CAN-SPAM, can your contact address be a P.O. box?

Answer 177

Yes.

Question 178

The key to determining if your message is commercial or transactional lies in…

Answer 178

The bulk of the message’s content.

Question 179

Under CAN-SPAM and CASL can you include a short commercial message in a transactional email?

Answer 179

Yes.

Question 180

4 CAN-SPAM best practices: (1) ____; (2) Keep a company-wide Do Not Email list; (3) Include address specific code to help identify Do-Not Email requests; (4) honor opt-out requests promptly

Answer 180

Use a footer allowing opt-outs

Question 181

4 CAN-SPAM best practices: (1) Use a footer allowing opt-outs; (2) _____; (3) Include address specific code to help identify Do-Not Email requests; (4) honor opt-out requests promptly

Answer 181

Keep a company-wide Do Not Email list

Question 182

4 CAN-SPAM best practices: (1) Use a footer allowing opt-outs; (2) Keep a company-wide Do Not Email list; (3) _____; (4) honor opt-out requests promptly

Answer 182

Include address specific code to help identify Do-Not Email requests

Question 183

4 CAN-SPAM best practices: (1) Use a footer allowing opt-outs; (2) Keep a company-wide Do Not Email list; (3) Include address specific code to help identify Do-Not Email requests and prevent forwarded emails from being confused with spam; (4) _____

Answer 183

honor opt-out requests promptly

Question 184

Do CAN-SPAM and CASL prohibit no-reply email addresses for commercial email?

Answer 184

Yes.

Question 185

Does Eloqua automatically include recipient-specific coding in emails to prevent forwarded emails from being confused with spam?

Answer 185

Yes.

Question 186

Under CAN-SPAM and CASL, what are the time requirements for unsubscribe requests to be processed?

Answer 186

Must be processed within 10 days.

Question 187

Under CAN-SPAM and CASL, how long after an email is sent must the Unsubscribe link be valid

Answer 187

60 days.

Question 188

What is Canada’s privacy law called?

Answer 188

PIPEDA

Question 189

What is the EU privacy law called?

Answer 189

EU Data Protection Law

Question 190

Does the US have different laws for different types of data?

Answer 190

Yes

Question 191

In the US, who governs commercial data privacy?

Answer 191

The Federal Trade Commission (FTC)

Question 192

In the US< who governs health data?

Answer 192

Department of Health and Human Services

Question 193

When did PIPEDA become law in Canada?

Answer 193

April 13, 2000

Question 194

What does PIPEDA stand for?

Answer 194

Personal Information Protection and Electronic Documents Act

Question 195

The 5 principles of PIPEDA are: (1) ____, (2) Identifying Purposes (3) Consent (4) Limiting Collection (5) Limiting Use, Disclosure, and Retention

Answer 195

Accountability

Question 196

The 5 principles of PIPEDA are: (1) Accountability, (2) _____ (3) Consent (4) Limiting Collection (5) Limiting Use, Disclosure, and Retention

Answer 196

Identifying Purposes

Question 197

The 5 principles of PIPEDA are: (1) Accountability, (2) Identifying Purposes (3) ___ (4) Limiting Collection (5) Limiting Use, Disclosure, and Retention

Answer 197

Consent

Question 198

The 5 principles of PIPEDA are: (1) Accountability, (2) Identifying Purposes (3) Consent (4) _____ (5) Limiting Use, Disclosure, and Retention

Answer 198

Limiting Collection

Question 199

The first 5 principles of PIPEDA are: (1) Accountability, (2) Identifying Purposes (3) Consent (4) Limiting Collection (5) ______

Answer 199

Limiting Use, Disclosure, and Retention

Question 200

According to the _____ principle of PIPEDA, you have to have an individual at your organization who owns PIPEDA compliance.

Answer 200

Accountability

Question 201

The _____ principle of PIPEDA says a company has to tell you why they want certain information.

Answer 201

Identifying purposes

Question 202

What is one example of a way you can provide data without giving consent?

Answer 202

When your online behavior is tracked via cookies.

Question 203

The _____ principle of PIPEDA means you can only collect as much data as you need for the purpose.

Answer 203

Limiting Collection.

Question 204

The ____ principle of PIPEDA means you can’t keep information longer than you need it to fulfill the purpose you stated when you collected the data.

Answer 204

Limiting Use, Disclosure, and Retention

Question 205

The second 5 principles of PIPEDA are (6) Accuracy, (7) ____, (8) Openness, (9) Individual access, (10) Challenging compliance

Answer 205

Safeguards

Question 206

The second 5 principles of PIPEDA are (6) Accuracy, (7) Safeguards, (8) _____, (9) Individual access, (10) Challenging compliance

Answer 206

Openness

Question 207

The second 5 principles of PIPEDA are (6) ___, (7) Safeguards, (8) Openness, (9) Individual access, (10) Challenging compliance

Answer 207

Accuracy

Question 208

The second 5 principles of PIPEDA are (6) Accuracy, (7) Safeguards, (8) Openness, (9) ____, (10) Challenging compliance

Answer 208

Individual access

Question 209

The second 5 principles of PIPEDA are (6) Accuracy, (7) Safeguards, (8) Openness, (9) Individual access, (10) _____

Answer 209

Challenging compliance

Question 210

The ____ principle of PIPEDA means you have to provide easy access to the PIPEDA compliance officer at your organization to address any challenges.

Answer 210

Challenging Compliance

Question 211

Six PIPEDA best practices are (1) _____ (2) opt-outs (3) education (4) never share data (5) use of voice (6) be sure you know who you’re talking to.

Answer 211

privacy policy

Question 212

Six PIPEDA best practices are (1) privacy policy (2) ____ (3) education (4) never share data (5) use of voice (6) be sure you know who you’re talking to.

Answer 212

opt-outs

Question 213

Six PIPEDA best practices are (1) privacy policy (2) opt-outs (3) _____ (4) never share data (5) use of voice (6) be sure you know who you’re talking to.

Answer 213

education

Question 214

Six PIPEDA best practices are (1) privacy policy (2) opt-outs (3) education (4) _____ (5) use of voice (6) be sure you know who you’re talking to.

Answer 214

never share data

Question 215

Six PIPEDA best practices are (1) privacy policy (2) opt-outs (3) education (4) never share data (5) _____ (6) be sure you know who you’re talking to.

Answer 215

use of voice

Question 216

Six PIPEDA best practices are (1) privacy policy (2) opt-outs (3) education (4) never share data (5) use of voice (6) ____

Answer 216

be sure you know who you’re talking to.

Question 217

The ______ PIPEDA best practice means to use the data you’ve gathered intelligently and discreetly.

Answer 217

Use of Voice

Question 218

“Not Joe, click here” is an example of what PIPEDA best practice?

Answer 218

Be sure you know who you’re talking to.

Question 219

In the EU, what kind of consent must you obtain before installing cookies on a person’s computer

Answer 219

explicit opt-in consent.

Question 220

EU’s protection applies when data is collected or processed in or through…

Answer 220

an establishment located in any EU member state.

Question 221

If the data is processed through ______ located in the EU, the EU protection requirement applies

Answer 221

equipment, in particular a server

Question 222

Some EU member states have national data protection laws that are…

Answer 222

stricter than the EU data protection law.

Question 223

EU: Which law always overrides? The stricter or the weaker?

Answer 223

The stricter

Question 224

EU: Who is responsible for compliance - Eloqua or the customer?

Answer 224

The customer.

Question 225

EU: To draft and obtain consent, you should use _____ language.

Answer 225

Plain language.

Question 226

EU: To obtain consent, the ____ has to be identified

Answer 226

data controller

Question 227

EU: To obtain consent, you must disclose the ___ of data collected, ____, and why ____

Answer 227

type of data collected, how it is done, and why it is being collected and processed.

Question 228

EU: What needs to be in place to prevent giving of consent by mistake?

Answer 228

Safeguards.

Question 229

What’s an example of a safeguard?

Answer 229

Not providing pre-checked boxes.

Question 230

EU: You must provide information on the consequences of:

Answer 230

not consenting.

Question 231

EU: you must give a brief explanation of the users’

Answer 231

rights.

Question 232

EU: When does the user need to give consent?

Answer 232

Prior to the collection of personal data.

Question 233

An essential certification for transferring data from the EU to the US for processing is….

Answer 233

Safe Harbor

Question 234

Is Eloqua Safe Harbor certified?

Answer 234

Yes

Question 235

Is it a good idea to obtain your own Safe Harbor certification?

Answer 235

Yes

Question 236

A third party privacy monitoring and auditing service is…

Answer 236

TRUSTe

Question 237

TRUSTe ensures compliance with…

Answer 237

Safe Harbor certification and related marketing practices.

Question 238

Eloqua works directly with TRUSTe. This enables customers to (1) and (2)

Answer 238

(1) enjoy one-click access to TRUSTe data management solutions and auditing (2) attach the TRUSTe symbol to emails, forms, and landing pages.

Question 239

Eloqua supports EU privacy compliance with: (1) ______ (2) Visitor tracking opt-outs (3) Confirmed opt-in process (4) Subscription management (5) Master Exclude list (6) Form layouts with tracking opt-in options (7) Notification and Data Protection Official

Answer 239

Tracking and cookies enablement

Question 240

Eloqua supports EU privacy compliance with: (1) Tracking and cookies enablement (2) _______ (3) Confirmed opt-in process (4) Subscription management (5) Master Exclude list (6) Form layouts with tracking opt-in options (7) Notification and Data Protection Official

Answer 240

Visitor tracking opt-outs

Question 241

Eloqua supports EU privacy compliance with: (1) Tracking and cookies enablement (2) Visitor tracking opt-outs (3) ______ (4) Subscription management (5) Master Exclude list (6) Form layouts with tracking opt-in options (7) Notification and Data Protection Official

Answer 241

Confirmed opt-in process

Question 242

Eloqua supports EU privacy compliance with: (1) Tracking and cookies enablement (2) Visitor tracking opt-outs (3) Confirmed opt-in process (4) _______ (5) Master Exclude list (6) Form layouts with tracking opt-in options (7) Notification and Data Protection Official

Answer 242

Subscription management

Question 243

Eloqua supports EU privacy compliance with: (1) Tracking and cookies enablement (2) Visitor tracking opt-outs (3) Confirmed opt-in process (4) Subscription management (5) _______ (6) Form layouts with tracking opt-in options (7) Notification and Data Protection Official

Answer 243

Master Exclude list

Question 244

Eloqua supports EU privacy compliance with: (1) Tracking and cookies enablement (2) Visitor tracking opt-outs (3) Confirmed opt-in process (4) Subscription management (5) Master Exclude list (6) ________ (7) Notification and Data Protection Official

Answer 244

Form layouts with tracking opt-in options

Question 245

Eloqua supports EU privacy compliance with: (1) Tracking and cookies enablement (2) Visitor tracking opt-outs (3) Confirmed opt-in process (4) Subscription management (5) Master Exclude list (6) Form layouts with tracking opt-in options (7) ________

Answer 245

Notification and Data Protection Official

Question 246

Name the three Strict Mode tracking options.

Answer 246

(1) Track all visitors (2) Track visitors that are not on the Country by IP restriction list and track visitors from restricted countries that have opted-in to tracking (3) Do not track any visitor unless he has opted-in to tracking

Question 247

Which Strict Mode tracking option is the most commonly used?

Answer 247

Dynamically tracking visitors based on the country they’re in.

Question 248

Does Eloqua maintain a list of countries that require opt-ins?

Answer 248

Yes.

Question 249

Whose responsibility is it to make sure the list of IP restrictions is complete and that you comply with the privacy laws?

Answer 249

Yours. Eloqua provides guidelines to create a list of IP restrictions.

Question 250

How do you enable Strict Mode settings?

Answer 250

Contact Eloqua Support using My Oracle Support.

Question 251

Once you enable Strict Mode, can it be enabled only for some websites you track?

Answer 251

No, it’s enabled for your entire Eloqua install.

Question 252

Things to check today: (1) ________ (2) are you tracking EU prospects? (3) Do you offer tracking opt-out? (4) Do you have a mixed install? (5) Does your privacy policy state you are dropping a cookie?

Answer 252

do you have an EU presence?

Question 253

Things to check today: (1) do you have an EU presence? (2) _______ (3) Do you offer tracking opt-out? (4) Do you have a mixed install? (5) Does your privacy policy state you are dropping a cookie?

Answer 253

are you tracking EU prospects?

Question 254

Things to check today: (1) do you have an EU presence? (2) are you tracking EU prospects? (3) ______ (4) Do you have a mixed install? (5) Does your privacy policy state you are dropping a cookie?

Answer 254

Do you offer tracking opt-out?

Question 255

Things to check today: (1) do you have an EU presence? (2) are you tracking EU prospects? (3) Do you offer tracking opt-out? (4) _______ (5) Does your privacy policy state you are dropping a cookie?

Answer 255

Do you have a mixed install?

Question 256

Things to check today: (1) do you have an EU presence? (2) are you tracking EU prospects? (3) Do you offer tracking opt-out? (4) Do you have a mixed install? (5) _____

Answer 256

Does your privacy policy state you are dropping a cookie?

Question 257

What is meant by a mixed install?

Answer 257

You have a global marketing team sharing the same Eloqua database

Question 258

True/False: C-28 is a private right of action available only to businesses.

Answer 258

False

Question 259

True/False: There is no implied consent for referrals.

Answer 259

True.

Question 260

True/False: C-28 accepts implied opt-in consent when the recipients have provided their email address directly to the sender.

Answer 260

True.

Question 261

What does ESPC stand for?

Answer 261

Canada’s Email Sender and Provider Coalition.

Question 262

In Canada, how long is implied consent valid for in most cases?

Answer 262

Two years.

Question 263

Under the EU Data Reform, the __________ requires organizations to completely delete someone’s personal data if they request it.

Answer 263

Right to be Forgotten

Question 264

The ________ proposes to create one universal set of guidelines and laws on data protection that will apply to all of the EU

Answer 264

EU Data Reform

Question 265

Under the EU Data Reform, the ______ notification requirement would be removed

Answer 265

regional

Question 266

Under the EU data reform, when must data breaches be reported?

Answer 266

Within 24 hours.

Question 267

The EU Data Reform has increased stringency around ___ advertising.

Answer 267

behavioral advertising

Question 268

Under the EU Data Reform, companies must share data on an individual on request in a _______ format.

Answer 268

portable

Question 269

In 2012, the ________ put together a Data Breach Investigations report that was released in 2013

Answer 269

Verizon Enterprise RISK team

Question 270

True or false: Data storage companies are more susceptible to data breach from within, and therefore they are the only ones who need to take preventative steps against data breach.

Answer 270

False.

Question 271

According to Verizon’s 2013 Data Breach Investigations report, who was responsible for data breaches?

Answer 271

92% of breaches stemmed from external agents.

Question 272

What types of external agents committed data breaches?

Answer 272

55% organized crime, 21% state-affiliated, 21% unknown, 2% Hactivists, 1% former employees

Question 273

What was the motivation for state-affiliated data breaches?

Answer 273

Usually espionage.

Question 274

We are getting better at protecting against _____ and ____.

Answer 274

Hackers and malware.

Question 275

In 2012 there were large upticks in ____, _____, and ____ types of data breaches.

Answer 275

physical, social, and misuse

Question 276

Physical data breach attacks encompass ____ and increased by ____ in 2012.

Answer 276

actual physical theft, increased by 25%

Question 277

____ is the main source of social data breaches and includes tactics such as ____ and _____

Answer 277

Email; phishing and pretexting

Question 278

When an individual lies to obtain privileged data, this is called _____

Answer 278

pretexting.

Question 279

To prevent data breaches, smaller organizations should (1) _____, (2) change default credentials of POS systems and other Internet-facing devices (3) Use two-step verification (4) Check third-party IT vendors’ security measures

Answer 279

use a firewall

Question 280

To prevent data breaches, smaller organizations should (1) use a firewall, (2) ______ (3) Use two-step verification (4) Check third-party IT vendors’ security measures

Answer 280

change default credentials of POS systems and other Internet-facing devices

Question 281

To prevent data breaches, smaller organizations should (1) use a firewall, (2) change default credentials of POS systems and other Internet-facing devices (3) ______ (4) Check third-party IT vendors’ security measures

Answer 281

Use two-step verification

Question 282

To prevent data breaches, smaller organizations should (1) use a firewall, (2) change default credentials of POS systems and other Internet-facing devices (3) Use two-step verification (4) _______

Answer 282

Check third-party IT vendors’ security measures

Question 283

To prevent data breaches, larger organizations should (1) _____ (2) ensure all essential controls are met and regulated (3) monitor event logs (4) evaluate current threats in your industry space

Answer 283

eliminate unnecessary data

Question 284

To prevent data breaches, larger organizations should (1) eliminate unnecessary data (2) _____ (3) monitor event logs (4) evaluate current threats in your industry space

Answer 284

ensure all essential controls are met and regulated

Question 285

To prevent data breaches, larger organizations should (1) eliminate unnecessary data (2) ensure all essential controls are met and regulated (3) _____ (4) evaluate current threats in your industry space

Answer 285

monitor event logs

Question 286

To prevent data breaches, larger organizations should (1) eliminate unnecessary data (2) ensure all essential controls are met and regulated (3) monitor event logs (4) ___

Answer 286

evaluate current threats in your industry space

Question 287

By February 2014, the cost of the December 2013 retail store data breach was:

Answer 287

$61 million

Question 288

The April 2014 ___________ took advantage of a weakness in the OpenSSL and allowed hackers to gather data from supposedly secure sites.

Answer 288

HeartBleed Bug

Question 289

How many secure web servers were vulnerable to the HeartBleed Bug attack?

Answer 289

17%, or a half million

Question 290

What was the worst intelligence data breach of all time?

Answer 290

The Snowden affair

Question 291

Why did Edward Snowden have access to so much information?

Answer 291

Through lack of compartmentalization and security access levels

Question 292

Eloqua’s ______ allow you to manage the IP addresses that are allowed to access your database.

Answer 292

IP address restrictions

Question 293

Data Breach Law - best practices: (1) ______ (2) protect cardholder data (3) maintain Vulnerability Management program (4) access control measures (5) monitor and test networks (6) maintain information security policy

Answer 293

safe internal network

Question 294

Data Breach Law - best practices: (1) safe internal network (2) ______ (3) maintain Vulnerability Management program (4) access control measures (5) monitor and test networks (6) maintain information security policy

Answer 294

protect cardholder data

Question 295

Data Breach Law - best practices: (1) safe internal network (2) protect cardholder data (3) maintain a ______ (4) access control measures (5) monitor and test networks (6) maintain information security policy

Answer 295

Vulnerability Management program

Question 296

Data Breach Law - best practices: (1) safe internal network (2) protect cardholder data (3) maintain Vulnerability Management program (4) _____ (5) monitor and test networks (6) maintain information security policy

Answer 296

access control measures

Question 297

Data Breach Law - best practices: (1) safe internal network (2) protect cardholder data (3) maintain Vulnerability Management program (4) access control measures (5) ____ (6) maintain information security policy

Answer 297

monitor and test networks

Question 298

Data Breach Law - best practices: (1) safe internal network (2) protect cardholder data (3) maintain Vulnerability Management program (4) access control measures (5) monitor and test networks (6) maintain _____

Answer 298

an information security policy