privacy and sensitive data concepts

Question 1

_____ involves stealing ideas, inventions, creative expressions, and trade secrets from a person or company for another’s benefit.

Answer 1

Intellectual Property (IP) theft

Question 2

_____ is a database de-identification method where randomly generated tokens substitute all or part of data in a field.

Answer 2

Tokenization

Question 3

A _____ process is a practice of protecting private or sensitive data by erasing or encrypting identifiers that connect an individual to stored data. The process permanently removes the identifying information.

Answer 3

data anonymization

Question 4

_____ is a de-identification procedure that ensures one or more pseudonyms replace personally identifiable information (PII) fields within a data record. _____ makes the data record less identifiable and is reversible.

Answer 4

Pseudonymization

Question 5

A _____ is performed to identify vulnerabilities that may lead to data breach when storing, processing, and disclosing Personally Identifiable Information (PII). It also evaluates controls mitigating those risks.

Answer 5

Privacy Impact Assessment (PIA)

Question 6

A _____ is an initial audit to determine whether a computer system or workflow collects, stores, or processes PII to a degree where a PIA must be performed.

Answer 6

Privacy Threshold Analysis (PTA)

Question 7

The _____ management model identifies the processes and procedures for managing data from cradle to the grave. This model includes creation, use, retention, and disposal.

Answer 7

information life cycle

Question 8

A _____ role is primarily responsible for data quality. This involves tasks such as ensuring data is labeled and identified with appropriate metadata, and that data is collected and stored in a format that complies with regulations.

Answer 8

data steward

Question 9

A _____ is responsible for managing the system where the data assets are stored. This includes responsibility for enforcing access control, encryption, along with backup and recovery measures.

Answer 9

data custodian

Question 10

A _____ has the ultimate responsibility for maintaining the confidentiality, integrity, and availability of the information asset.

Answer 10

data owner

Question 11

A _____ collects and analyzes data based on a data collector’s set of predefined instructions.

Answer 11

data processor

Question 12

A _____ is responsible for determining why and how data is stored, collected, and used within a lawful manner. They define what a data processor should collect and why.

Answer 12

data controller

Question 13

A _____ is responsible for oversight of any Personally Identifiable Information (PII) assets managed by a company. This role ensures that the processing and disclosure of PII comply with legal and regulatory frameworks and also oversees the retention of PII.

Answer 13

privacy officer

Question 14

An _____ identifies risks and vulnerabilities and the potential impact they could cause an organization or information technology asset. The assessment further identifies methods to limit or mitigate the risks.

Answer 14

impact assessment

Question 15

The ______ is the role mandated by the General Data Protection Regulation (GDPR) that ensures the processing, disclosure, and retention complies with regulatory frameworks.

Answer 15

Data Privacy Officer (DPO)