Join the discussion
Question 1/143
SCENARIO
Clean-Q is a company that offers house-hold and office cleaning services. The company receives requests from consumers via their website and telephone, to book cleaning services. Based on the type and size of service, Clean-Q then contracts individuals that are registered on its resource database - currently managed in-house by Clean-Q IT Support. Because of Clean-Q's business model, resources are contracted as needed instead of permanently employed.
The table below indicates some of the personal information Clean-Q requires as part of its business operations:
Clean-Q has an internal employee base of about 30 people. A recent privacy compliance exercise has been conducted to align employee data management and human resource functions with applicable data protection regulation. Therefore, the Clean-Q permanent employee base is not included as part of this scenario.
With an increase in construction work and housing developments, Clean-Q has had an influx of requests for cleaning services. The demand has overwhelmed Clean-Q's traditional supply and demand system that has caused some overlapping bookings.
Ina business strategy session held by senior management recently, Clear-Q invited vendors to present potential solutions to their current operational issues. These vendors included Application developers and Cloud-Q's solution providers, presenting their proposed solutions and platforms.
The Managing Director opted to initiate the process to integrate Clean-Q's operations with a cloud solution (LeadOps) that will provide the following solution one single online platform: A web interface that Clean-Q accesses for the purposes of resource and customer management. This would entail uploading resource and customer information.
A customer facing web interface that enables customers to register, manage and submit cleaning service requests online.
A resource facing web interface that enables resources to apply and manage their assigned jobs.
An online payment facility for customers to pay for services.
What is a key consideration for assessing external service providers like LeadOps, which will conduct personal information processing operations on Clean-Q's behalf?
Clean-Q is a company that offers house-hold and office cleaning services. The company receives requests from consumers via their website and telephone, to book cleaning services. Based on the type and size of service, Clean-Q then contracts individuals that are registered on its resource database - currently managed in-house by Clean-Q IT Support. Because of Clean-Q's business model, resources are contracted as needed instead of permanently employed.
The table below indicates some of the personal information Clean-Q requires as part of its business operations:
Clean-Q has an internal employee base of about 30 people. A recent privacy compliance exercise has been conducted to align employee data management and human resource functions with applicable data protection regulation. Therefore, the Clean-Q permanent employee base is not included as part of this scenario.
With an increase in construction work and housing developments, Clean-Q has had an influx of requests for cleaning services. The demand has overwhelmed Clean-Q's traditional supply and demand system that has caused some overlapping bookings.
Ina business strategy session held by senior management recently, Clear-Q invited vendors to present potential solutions to their current operational issues. These vendors included Application developers and Cloud-Q's solution providers, presenting their proposed solutions and platforms.
The Managing Director opted to initiate the process to integrate Clean-Q's operations with a cloud solution (LeadOps) that will provide the following solution one single online platform: A web interface that Clean-Q accesses for the purposes of resource and customer management. This would entail uploading resource and customer information.
A customer facing web interface that enables customers to register, manage and submit cleaning service requests online.
A resource facing web interface that enables resources to apply and manage their assigned jobs.
An online payment facility for customers to pay for services.
What is a key consideration for assessing external service providers like LeadOps, which will conduct personal information processing operations on Clean-Q's behalf?
Correct Answer: C
Add Comments
- Other Question (143q)
- Q1. SCENARIO Clean-Q is a company that offers house-hold and office cleaning services. The com...
- Q2. An organization is evaluating a number of Machine Learning (ML) solutions to help automate...
- Q3. An individual drives to the grocery store for dinner. When she arrives at the store, she r...
- Q4. SCENARIO - Please use the following to answer the next question: It should be the most sec...
- Q5. Organizations understand there are aggregation risks associated with the way the process t...
- Q6. SCENARIO Tom looked forward to starting his new position with a U.S -based automobile leas...
- Q7. of the following best describes a network threat model and Its uses?...
- Q8. Which of the following statements best describes the relationship between privacy and secu...
- Q9. What is a mistake organizations make when establishing privacy settings during the develop...
- Q10. What is the main reason a company relies on implied consent instead of explicit consent fr...
- Q11. Which is NOT a suitable method for assuring the quality of data collected by a third-party...
- Q12. All of the following can be indications of a ransomware attack EXCEPT?...
- Q13. Which of the following is a stage in the data life cycle?...
- Q14. Which is NOT a suitable action to apply to data when the retention period ends?...
- Q15. Which is likely to reduce the types of access controls needed within an organization?...
- Q16. Which of the following methods does NOT contribute to keeping the data confidential?...
- Q17. Which of the following provides a mechanism that allows an end-user to use a single sign-o...
- Q18. When releasing aggregates, what must be performed to magnitude data to ensure privacy?...
- Q19. SCENARIO - Please use the following to answer the next question: Carol was a US-based glas...
- Q20. What can be used to determine the type of data in storage without exposing its contents?...
- Q21. A privacy engineer reviews a newly developed on-line registration page on a company's webs...
- Q22. SCENARIO Please use the following to answer the next question: Light Blue Health (LBH) is ...
- Q23. A jurisdiction requiring an organization to place a link on the website that allows a cons...
- Q24. What distinguishes a "smart" device?
- Q25. SCENARIO Please use the following to answer the next question: Chuck, a compliance auditor...
- Q26. What is the goal of privacy enhancing technologies (PETS) like multiparty computation and ...
- Q27. SCENARIO Looking back at your first two years as the Director of Personal Information Prot...
- Q28. Which of the following is a vulnerability of a sensitive biometrics authentication system?...
- Q29. In the realm of artificial intelligence, how has deep learning enabled greater implementat...
- Q30. What must be done to destroy data stored on "write once read many" (WORM) media?...
- Q31. What is the most important requirement to fulfill when transferring data out of an organiz...
- Q32. An organization must terminate their cloud vendor agreement immediately. What is the most ...
- Q33. SCENARIO Please use the following to answer the next questions: Your company is launching ...
- Q34. SCENARIO - Please use the following to answer the next question: WebTracker Limited is a c...
- Q35. A key principle of an effective privacy policy is that it should be?...
- Q36. Which technique is most likely to facilitate the deletion of every instance of data associ...
- Q37. What term describes two re-identifiable data sets that both come from the same unidentifie...
- Q38. SCENARIO Clean-Q is a company that offers house-hold and office cleaning services. The com...
- Q39. SCENARIO Carol was a U.S.-based glassmaker who sold her work at art festivals. She kept th...
- Q40. SCENARIO Please use the following to answer the next question: Light Blue Health (LBH) is ...
- Q41. What is the distinguishing feature of asymmetric encryption?...
- Q42. Which is NOT a suitable action to apply to data when the retention period ends?...
- Q43. What is the main function of the Amnesic Incognito Live System or TAILS device?...
- Q44. An organization is using new technologies that will target and process personal data of EU...
- Q45. What must be used in conjunction with disk encryption?...
- Q46. Truncating the last octet of an IP address because it is NOT needed is an example of which...
- Q47. An organization is reliant on temporary contractors for performing data analytics and they...
- Q48. An organization is deciding between building a solution in-house versus purchasing a solut...
- Q49. What is a main benefit of data aggregation?
- Q50. SCENARIO You have just been hired by Ancillary.com, a seller of accessories for everything...
- Q51. SCENARIO You have just been hired by Ancillary.com, a seller of accessories for everything...
- Q52. During a transport layer security (TLS) session, what happens immediately after the web br...
- Q53. Under the Family Educational Rights and Privacy Act (FERPA), releasing personally identifi...
- Q54. SCENARIO Tom looked forward to starting his new position with a U.S -based automobile leas...
- Q55. SCENARIO Kyle is a new security compliance manager who will be responsible for coordinatin...
- Q56. SCENARIO Please use the following to answer the next question: Light Blue Health (LBH) is ...
- Q57. What is the main privacy threat posed by Radio Frequency Identification (RFID)?...
- Q58. Which of the following is the best method to minimize tracking through the use of cookies?...
- Q59. Why is first-party web tracking very difficult to prevent?...
- Q60. SCENARIO You have just been hired by Ancillary.com, a seller of accessories for everything...
- Q61. What is an example of a just-in-time notice?
- Q62. A valid argument against data minimization is that it?...
- Q63. A sensitive biometrics authentication system is particularly susceptible to?...
- Q64. Which is the most accurate type of biometrics?...
- Q65. What is a main benefit of data aggregation?
- Q66. Which of the following suggests the greatest degree of transparency?...
- Q67. SCENARIO - Please use the following to answer the next question: Wesley Energy has finally...
- Q68. SCENARIO Please use the following to answer the next question: Chuck, a compliance auditor...
- Q69. During a transport layer security (TLS) session, what happens immediately after the web br...
- Q70. SCENARIO Kyle is a new security compliance manager who will be responsible for coordinatin...
- Q71. How does k-anonymity help to protect privacy in micro data sets?...
- Q72. Which of the following are the mandatory pieces of information to be included in the docum...
- Q73. SCENARIO Clean-Q is a company that offers house-hold and office cleaning services. The com...
- Q74. Ivan is a nurse for a home healthcare service provider in the US. The company has implemen...
- Q75. What is a mistake organizations make when establishing privacy settings during the develop...
- Q76. What is the main benefit of using a private cloud?...
- Q77. SCENARIO Clean-Q is a company that offers house-hold and office cleaning services. The com...
- Q78. SCENARIO Clean-Q is a company that offers house-hold and office cleaning services. The com...
- Q79. In day to day interactions with technology, consumers are presented with privacy choices. ...
- Q80. Between November 30th and December 2nd, 2013, cybercriminals successfully infected the cre...
- Q81. Which of the following does NOT illustrate the 'respect to user privacy' principle?...
- Q82. SCENARIO Clean-Q is a company that offers house-hold and office cleaning services. The com...
- Q83. What is the most important requirement to fulfill when transferring data out of an organiz...
- Q84. SCENARIO It should be the most secure location housing data in all of Europe, if not the w...
- Q85. SCENARIO It should be the most secure location housing data in all of Europe, if not the w...
- Q86. SCENARIO Tom looked forward to starting his new position with a U.S -based automobile leas...
- Q87. Which of the following statements is true regarding software notifications and agreements?...
- Q88. What is the best way to protect privacy on a geographic information system?...
- Q89. What has been found to undermine the public key infrastructure system?...
- Q90. SCENARIO You have just been hired by Ancillary.com, a seller of accessories for everything...
- Q91. SCENARIO - Please use the following to answer the next question: Clean-Q is a company that...
- Q92. A BaaS provider backs up the corporate data and stores it in an outsider provider under co...
- Q93. SCENARIO - Please use the following to answer the next question: You have just been hired ...
- Q94. A sensitive biometrics authentication system is particularly susceptible to?...
- Q95. Which of the following would be an example of an "objective" privacy harm to an individual...
- Q96. SCENARIO Clean-Q is a company that offers house-hold and office cleaning services. The com...
- Q97. Granting data subjects the right to have data corrected, amended, or deleted describes?...
- Q98. SCENARIO Carol was a U.S.-based glassmaker who sold her work at art festivals. She kept th...
- Q99. Which of the following is NOT a workplace surveillance best practice?...
- Q100. SCENARIO - Please use the following to answer the next question: It should be the most sec...
- Q101. SCENARIO WebTracker Limited is a cloud-based online marketing service located in London. L...
- Q102. SCENARIO Please use the following to answer the next questions: Your company is launching ...
- Q103. What is true of providers of wireless technology?...
- Q104. Which of the following is NOT relevant to a user exercising their data portability rights?...
- Q105. A clinical research organization is processing highly sensitive personal data, including n...
- Q106. What tactic does pharming use to achieve its goal?...
- Q107. SCENARIO Please use the following to answer the next questions: Your company is launching ...
- Q108. Which is NOT a drawback to using a biometric recognition system?...
- Q109. SCENARIO Looking back at your first two years as the Director of Personal Information Prot...
- Q110. What is the main function of the Amnesiac Incognito Live System or TAILS device?...
- Q111. SCENARIO Looking back at your first two years as the Director of Personal Information Prot...
- Q112. SCENARIO Tom looked forward to starting his new position with a U.S -based automobile leas...
- Q113. After committing to a Privacy by Design program, which activity should take place first?...
- Q114. To comply with the Sarbanes-Oxley Act (SOX), public companies in the United States are req...
- Q115. SCENARIO It should be the most secure location housing data in all of Europe, if not the w...
- Q116. SCENARIO Please use the following to answer the next question: Looking back at your first ...
- Q117. Which is NOT a drawback to using a biometric recognition system?...
- Q118. What is an Access Control List?
- Q119. An organization is launching a new online subscription-based publication. As the service i...
- Q120. SCENARIO Carol was a U.S.-based glassmaker who sold her work at art festivals. She kept th...
- Q121. SCENARIO It should be the most secure location housing data in all of Europe, if not the w...
- Q122. An organization has recently experienced a data breach where large amounts of personal dat...
- Q123. A credit card with the last few numbers visible is an example of what?...
- Q124. How does browser fingerprinting compromise privacy?...
- Q125. SCENARIO Carol was a U.S.-based glassmaker who sold her work at art festivals. She kept th...
- Q126. Which of the following techniques describes the use of encryption where encryption keys ar...
- Q127. Which is NOT a suitable method for assuring the quality of data collected by a third-party...
- Q128. SCENARIO Please use the following to answer the next question: Jordan just joined a fitnes...
- Q129. Granting data subjects the right to have data corrected, amended, or deleted describes?...
- Q130. What is the distinguishing feature of asymmetric encryption?...
- Q131. Which of the following is considered a client-side IT risk?...
- Q132. What is the main benefit of using a private cloud?...
- Q133. What is true of providers of wireless technology?...
- Q134. Which is NOT a way to validate a person's identity?...
- Q135. Which is NOT a suitable action to apply to data when the retention period ends?...
- Q136. A user who owns a resource wants to give other individuals access to the resource. What co...
- Q137. All of the following can be indications of a ransomware attack EXCEPT?...
- Q138. What is the most important requirement to fulfill when transferring data out of an organiz...
- Q139. SCENARIO WebTracker Limited is a cloud-based online marketing service located in London. L...
- Q140. Granting data subjects the right to have data corrected, amended, or deleted describes?...
- Q141. SCENARIO - Please use the following to answer the next question: It should be the most sec...
- Q142. Which of the following is NOT a valid basis for data retention?...
- Q143. SCENARIO Please use the following to answer the next question: Light Blue Health (LBH) is ...
