CIPP US Practice Exam
Questions and Complete
Solutions Graded A+
What kind of liability may only be asserted in court by governmental authorities and not by a private
citizen?
A. Civil
B. Negligence
C. Criminal
D. Invasion of privacy - Answer: C
Which of the following preemployment screening activities would turn a regular consumer report into
an investigative report?
A. The report includes information about prior bankruptcies.
B. The CRA furnishing the report includes information about a job seeker's mortgage payments.
C. The preemployment screening includes a criminal background check.
D. A third‐party agent interviews a job seeker's neighbors about their character. - Answer: D
Dana is frustrated because she continues to receive telemarketing calls from her current internet service
provider (ISP), even though she added her number to the national do‐not‐call list. Is Dana's ISP breaking
the law?
A. Yes, because it is the responsibility of the ISP to maintain an updated copy of the national do‐not‐call
registry.
B. No, because she is a customer of the ISP and the TSR provides an exemption for firms that have an
existing business relationship with a consumer.
C. No, because Dana's ISP may not know she has added her number to the do‐not‐call registry.
D. Yes, because the DNC does not provide an exemption for existing customers. - Answer: B
,Nick and Jenny often meet with other employees in the company cafeteria to advocate for collective
bargaining. One day, Jenny notices that a security camera has suddenly been installed in the cafeteria,
near where they usually sit. Why might this be a problem?
A. Employees have not consented to video surveillance during their lunch hours when not conducting
company business.
B. Video surveillance may inadvertently reveal an employee's physical disability and lead to compliance
risks under the Americans with Disabilities Act (ADA).
C. The company did not post adequate signage to notify the employees of the new video surveillance
system.
D. The NLRB may view the security camera as an attempt to intimidate employees engaging in
unionizing activities. - Answer: D
Gary's firm was recently sued by an athlete who claimed that the firm used his picture in marketing
materials without permission. What type of claim was brought against Gary's firm?
A. False light
B. Appropriation
C. Invasion of solitude
D. Public disclosure of private facts - Answer: B
Which one of the following statements about workforce privacy training is incorrect?
A. Computer‐based training is an acceptable training option.
B. Training should include content on specific regulatory requirements.
C. Training should include details on an individual's role in minimizing privacy risks.
D. Every user should receive the same level of training. - Answer: D
Which one of the following categories would include any information that uniquely identifies an
individual person?
A. PII
B. PHI
C. PFI
D. PCI - Answer: A
,Carla is building an inventory of the information maintained by her organization that should be
considered within the scope of its privacy program. Which one of the following types of information
would not normally be included?
A. Customer transaction records
B. Manufacturing work order records
C. Employee payroll records
D. Job candidate application records - Answer: B
1Which of the following laws was primarily intended to help combat money laundering?
A. RFPA
B. SCA
C. BSA
D. EPCA - Answer: C
What term is used to describe a voluntary agreement between a firm and the federal government
where the firm agrees to engage or not engage in certain business practices?
A. Conviction
B. Retainer agreement
C. Theory of liability
D. Consent decree - Answer: D
What article in the U.S. Constitution defines the powers of the judicial branch?
A. Article I
B. Article II
C. Article III
D. Article IV - Answer: C
What federal privacy law contains specific requirements for how organizations must dispose of sensitive
personal information when it is no longer needed?
A. FERPA
, B. FACTA
C. GLBA
D. SOX - Answer: B
What individual within an organization is likely to bear overall responsibility for a privacy program?
A. CIO
B. CFO
C. CPO
D. CEO - Answer: C
Tom recently filled out a survey about his political and religious views. The survey data is maintained by
a nonprofit research organization. What term best describes Tom's role with respect to this data?
A. Data controller
B. Data processor
C. Data steward
D. Data subject - Answer: D
It is probably permissible to use a polygraph test in preemployment screening for all of the following
jobs, except:
A. U.S. Treasury employee
B. Daycare worker
C. Armored car driver
D. Pharmacist - Answer: B
Which one of the following firms was sanctioned by the Federal Trade Commission (FTC) after an
investigation showed that they were not diligently carrying out privacy program recertifications of their
clients?
A. Snapchat
B. Nomi
C. TRUSTe
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller YourExamplug. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $14.49. You're not tied to anything after your purchase.