DVD Tests
Revision 2.0.36
CIPP Guide's CIPP Prep Materials
Introduction
This booklet consolidates all of the tests from the CIPPguide website as of its date of
publication. Each chapter corresponds to a roughly 25-question test on the site. The
answers are included at the end of each chapter. Explanations may be found on the
website in the interactive test engine. Best of luck on the exam!
CIPP DVD Tests
1
A. Federal
B. Legislative
C. Executive
D. Judicial
A. Approving laws
B. Creating laws
C. Interpreting laws
D. Enforcing laws
3. The House and the Senate make up which of the following branches of US
government?
A. Congressional
B. Legislative
C. Federal
D. Judicial
A. only the statutes that have been developed by the Legislative Branch of
government.
B. statutes enacted by the Legislative branch and regulations developed by Federal
agencies.
C. statutes, regulations and case law
D. statutes, regulations, case law and common law.
A. common law
B. civil law
C. regulations
D. case law
7. Which of the following bodies represents an expert resource for other Federal
agencies in terms of privacy issues?
A. Federal regulations
B. privacy legislation
C. industry self-regulation
D. both a and b
A. legal ability
B. jurisdiction
C. practical authority
D. administration rights
A. preemption
B. displacement
C. jurisdiction
D. legal authority
A. 3 questions
B. 4 questions
C. 5 questions
D. 6 questions
14. Which of the following was the first national privacy law to be enacted?
15. Identity theft provisions were added to the Fair Credit Reporting Act (FCRA)
in:
A. 1990
B. 1996
C. 2000
D. 2003
B. an individual's financial information only.
C. seven specific factors about an individual.
D. financial information and employment history.
18. Which of the following is FALSE, according to the FCRA (Fair Credit Reporting
Act)?
19. All of the following bodies enforce the US Fair Credit Reporting Act (FCRA)
EXCEPT:
A. Gramm-Leach-Bliley Act
B. Fair Credit Reporting Act
C. Fair and Accurate Credit Transactions Act
D. California SB 1368
23. The GLBA (Gramm-Leach-Bliley Act) requires all of the following, EXCEPT:
C. financial institutions must provide consumer customers with notices about
privacy and security.
D. financial institutions may share data with other financial institutions.
A. affiliated companies
B. non-affiliated companies
C. other financial institutions
D. joint marketing partners
25. Together, the FTC (Federal Trade Commission) and federal financial regulators
published which of the following to support the GLBA (Gramm-Leach-Bliley Act)?
A. Privacy Rule
B. Safeguards Rule
C. Security Rule
D. both a and b
Answers
1. A
2. D
3. B
4. D
5. A
6. D
7. D
8. C
9. B
10. A
11. D
12. C
13. D
14. A
15. D
16. D
17. C
18. B
19. C
20. A
21. D
22. B
23. A
24. B
25. D
CIPP DVD Tests
2
A. technical security
B. physical security
C. access security
D. administrative security
3. All of the following parties are able to enforce the GLBA (Gramm-Leach-Bliley
Act) EXCEPT:
4. Which of the following laws cover essentially the same thing as the GLBA (Gramm-
Leach-Bliley Act)?
A. California SB 1
B. HIPAA
C. COPPA
D. TSR
5. The California SB 1 requires all of the following EXCEPT:
6. All of the following parties are able to enforce the California SB 1, EXCEPT:
A. individuals
B. California state banking regulators
C. FTC
D. California attorney general
A. New York
B. California
C. Nevada
D. Maine
9. According to state security laws, which of the following states requires that
access to sensitive personal information be limited to paper records?
A. New York
B. California
C. Nevada
D. Maine
10. Many state security laws have special rules for social security numbers, which
include all of the following EXCEPT:
11. In which state must organizations notify affected individuals in the case of a
privacy breach, despite the fact that there is no risk of harm?
A. Arizona
B. Texas
C. California
D. New Jersey
12. Unlike other state security laws, the state of Oregon requires that which of
the following pieces of information is included in a breach notification letter?
13. The HIPAA (Health Insurance Portability and Accountability Act) directly covers
all of the following entities EXCEPT:
A. health plans
B. users of personal health information
C. health care providers
D. health care clearinghouses
14. Which of the following is a required use/disclosure under the HIPAA (Health
Insurance Portability and Accountability Act)?
15. All of the following are HIPAA (Health Insurance Portability and Accountability
Act) Privacy Rule fundamentals, EXCEPT:
16. The HIPAA (Health Insurance Portability and Accountability Act), Security Rule
applies to:
17. There are two rules under the HIPAA (Health Insurance Portability and
Accountability Act), the:
18. All of the following entities enforce the HIPAA (Health Insurance Portability
and Accountability Act), EXCEPT:
19. If an entity does not comply with the HIPAA (Health Insurance Portability and
Accountability Act) it could face fines of up to:
A. $1000
B. $20000
C. $250000
D. $1 million
20. The HIPAA (Health Insurance Portability and Accountability Act) Security Rule
is enforced by:
21. The HIPAA (Health Insurance Portability and Accountability Act) Privacy Rule is
enforced by:
22. The HIPAA (Health Insurance Portability and Accountability Act) exists for all
of the following reasons EXCEPT:
23. Who is regulated under the COPPA (Children's Online Privacy Act)?
24. The COPPA (Children's Online Privacy Act) covers collection and use of
information from children under the age of:
A. 10
B. 12
C. 13
D. 16
25. According to the COPPA (Children's Online Privacy Act), if website operators are
to collect personal information from children, they must first secure:
Answers
1. C
2. C
3. B
4. A
5. A
6. C
7. D
8. C
9. A
10. B
11. C
12. A
13. B
14. C
15. D
16. D
17. B
18. B
19. C
20. D
21. B
22. B
23. B
24. C
25. D
CIPP DVD Tests
3
Questions
1. CARU (Children's Advertising Review Unit) is an organization responsible for
understanding how children are marketed to. It is part of the:
A. opt-in choice
B. opt-out choice
C. both opt-in and opt-out options
D. none of the above
A. every week
B. every month
C. every year
D. every two years
5. Which of the following entities has the ability to enforce the US federal Do-
Not-Call Registry?
6. According to the Federal Trade Commission, all of the following are included
under the Telemarketing Sales Rules (TSR), EXCEPT:
7. All of the following entities are regulated by the Federal Trade Commission's
Telemarketing Sales Rules, EXCEPT:
D. unsolicited commercial faxes have been prohibited since 1991.
11. The JFPA (Junk Fax Prevention Act) permits commercial faxes:
12. All of the following statements regarding the JFPA (Junk Fax Prevention Act)
are true, EXCEPT:
13. The CAN-SPAM Act (Controlling the Assault of Non-Solicited Pornography and
Marketing Act, 2003) covers the transmission of:
A. commercial faxes
B. commercial phone calls
C. commercial e-mail messages
D. all of the above
15. Which of the following statements is TRUE regarding sending commercial messages
to wireless devices?
A. The sender is prohibited from charging fees for the consent or revocation
process.
B. Opt-out choice must be provided.
C. This is regulated by the FCC.
D. The individual must be presented with a consent form with specific criteria.
16. When comparing EU with US workplace privacy approaches, which of the following
is NOT true?
21. All of the following entities regulate workplace privacy in the US except:
22. All of the following are US Federal laws that restrict the information that an
employer can collect from employees, EXCEPT:
23. All of the following are US Federal laws that regulate employee benefits
management, EXCEPT:
24. Which of the following laws regulates the use of consumer reports in employee
background checks?
A. race
B. gender
C. national origin
D. all of the above
Answers
1. B
2. B
3. C
4. B
5. C
6. C
7. D
8. D
9. B
10. D
11. B
12. A
13. C
14. C
15. B
16. D
17. C
18. B
19. B
20. A
21. C
22. D
23. C
24. B
25. D
CIPP DVD Tests
4
Questions
1. About which of the following would an employer be legally able to ask a job
applicant?
C. Posting photos on websites should be done with employee consent.
D. Employers are not permitted to request that applicants submit a photograph
before they are hired.
A. There are very few state laws regarding the collection of SSNs.
B. The best practice is collection of SSNs from employees as soon as possible.
C. If SSN information is leaked, a security breach notification need not be
released.
D. There are no laws that prohibit the collection of SSN prior to job offer.
7. The Employee Polygraph Protection Act of 1998 (EPP) prohibits employers from
doing all of the following EXCEPT:
8. Which of the following statements is NOT true about workplace drug and alcohol
tests in the US?
10. Periodic testing of genetic material to identify modifications due to workplace
conditions is referred to as:
A. examining
B. screening
C. monitoring
D. regulating
11. Which of the following should not be included in an employee background check?
A. credit records
B. professional credentials
C. arrests
D. civil litigation history
12. Which of the following statements regarding the FCRA (Fair Credit Reporting
Act) is NOT true?
A. The FCRA applies whenever criminal records are accessed to make a decision about
employment.
B. Usage of third-party data for employment screening is prohibited under the FCRA.
C. Use of search engines to screen prospective employees is prohibited.
D. Employers require the employee's written consent to use consumer reports for
decision-making purposes (e.g. qualification for a promotion).
A. consumer records
B. driving records
C. academic records
D. racial or ethnic information
16. Which of the following is NOT true regarding video monitoring in the US?
18. Which of the following states have specific statutes requiring notice prior to
electronic monitoring in the workplace?
A. Delaware
B. Florida
C. California
D. Illinois
19. Which of the following statements is NOT true of employee monitoring outside
the US?
20. FACTA (Fair and Accurate Credit Transactions Act) permits third-party workplace
investigations, for all of the following situations, EXCEPT:
A. If the report is only given to the employer, government regulators and self-
regulatory organizations.
B. If the report is a result of an investigation conducted for specific purposes
(i.e. due to suspected misconduct).
C. If the report is released to future employers, it is treated as highly sensitive
data.
D. If the report does not include an investigation of credit worthiness.
21. When the executive branch sues a person because of violation of a criminal law,
this is referred to as:
A. executive litigation
B. criminal litigation
C. civil litigation
D. federal litigation
A. negligence
B. deceptive trade practices
C. unfair practices
D. all of the above
A. return on investment
B. reticence and over-compliance costs
C. change management practices
D. legal compliance obligations
Answers
1. A
2. C
3. C
4. B
5. D
6. A
7. D
8. B
9. A
10. C
11. C
12. B
13. C
14. D
15. A
16. B
17. B
18. A
19. D
20. C
21. B
22. A
23. C
24. A
25. C