Prelim

Question 1

refers to any information, whether recorded in a
material form or not, from which the identity of an individual is
apparent or can be directly ascertained by the entity holding the
information

Answer 1

Personal data

Question 2

concerns the collection and use of data about individuals

Answer 2

Privacy

Question 3

part of the data protection area that deals with
the proper handling of data, with the focus on compliance
with data protection regulations.

Answer 3

Data privacy

Question 4

includes a set of standards and different
safeguards and measures that an organization is taking to
prevent any third party from unauthorized access to digital data
or any intentional or unintentional alteration, deletion, or data
disclosure

Answer 4

Data security

Question 5

an unauthorized or unintentional
disclosure of confidential information.

Answer 5

Data breach

Question 6

the stealing of data or confidential
information by electronic means, including ransomware
and hacking.

Answer 6

Cyberattack

Question 7

is a model designed to guide an organization’s
policies on information security.

Answer 7

CIA Triad

Question 8

ensures that data is accessed only by
authorized individuals.

Answer 8

Confidentiality

Question 9

ensures that information is reliable as well as
accurate

Answer 9

Integrity

Question 10

ensures that data is both available and
accessible to satisfy business needs.

Answer 10

Availability

Question 11

particularly
sensitive, as it may easily use to commit online and/or
offline fraud.

Answer 11

Financial privacy

Question 12

the process of ingesting, storing,
organizing, and maintaining the data created and collected by an
organization

Answer 12

Data management –

Question 13

are subject to
stringent laws that address user access privileges. By
law, security and authentication systems are often
required for individuals

Answer 13

Medical privacy

Question 14

websites
publish a privacy policy that details the website’s
intended use of collected online and/or offline collected
data.

Answer 14

Internet privacy

Question 15

information that can be used to distinguish or trace an
individual’s identity

Answer 15

personally identifiable information

Question 16

take privacy requirements into
account throughout the system development process, from the
conception of a new IT system through detailed system design,
implementation, and operation.

Answer 16

Privacy by Design

Question 17

These are system requirements
that have privacy relevance. System privacy
requirements define the protection capabilities provided
by the system, the performance and behavioral
characteristics exhibited by the system,

Answer 17

Privacy requirements

Question 18

This principle requires an organization
to ensure that it only processes the data that is necessary to
achieve its specific purpose and that PII is protected during
collection, storage, use, and transmission

Answer 18

Privacy as the default:

Question 19

g focuses on implementing techniques that
decrease privacy risks and enables organizations to make
purposeful decisions about resource allocation and effective
implementation of controls in information

Answer 19

Privacy Engineering

Question 20

involves taking account of privacy during the
entire life cycle of ICT

Answer 20

Privacy Engineering

Question 21

t is an expectation of loss expressed
as the probability that a particular threat will exploit a particular
vulnerability with a particular harmful result.

Answer 21

Security risk assessment i

Question 22

includes a disciplined, structured, and
flexible process for organizational asset valuation; security and
privacy control selection, implementation, and assessment;
system and control authorizations

Answer 22

Risk management

Question 23

are system requirements that have
privacy relevance. System privacy requirements define the
protection capabilities provided by the system, the performance
and behavioral characteristics exhibited by the system

Answer 23

Privacy requirements

Question 24

is an analysis of how
information is handled: to ensure handling conforms to
applicable legal, regulatory, and policy requirements regarding
privacy; to determine the risks and effects of collecting,

Answer 24

Privacy impact assessment

Question 25

PbD seeks to assure users and
other stakeholders that privacy-related business practices and
technical controls are operating according to state commitments
and objectives.

Answer 25

Visibility and transparency:

Question 26

Privacy protections should
be core, organic functions, not added on after a design is
complete.

Answer 26

Privacy embedded into the design

Question 27

Privacy protections should
be core, organic functions, not added on after a design is
complete.

Answer 27

Privacy embedded into the design