Free Exin PDPF Exam Dumps and PDPF Exam Questions

Question No: 11

MultipleChoice

A controller is processing personal data based on consent of the data subjects. There are no other legitimate grounds. While processing, the controller discovers that a data subject connect for the processing had been received, has died since.

What, according to the GDRP, will be the consequences for the controller with regard to the processing?

Options

AThe controller can proceed with the processing as intended.

BThe controller can proceed, but only for the purposes for which consent has been given

CThe controller must act as if the data subject has withdrawn consent and erase his/her data

DThe controller needs to find the heir in order to require consent for the processing.

Question No: 12

MultipleChoice

According to the GDPR, what is the main reason to consider data protection in the design phase?

Options

AIt ensures efficiency in protect phases

BIt ensures privacy by default

CIt reduces the risk of fraud

DIt reduces the risk of liability

Question No: 13

MultipleChoice

When does the GDPR require data subject consent to a cookie?

Options

AAlways, because a cookie is regarded as an online identifier

BNever, as the EU Cookie Law does not require explicit consent

COnly if the cookie contains authentication information of the data subject

DOnly if the cookie contains shopping basket items

Question No: 14

MultipleChoice

A personal data breach has occurred and the controller is writing a draft notification for the Supervisory Authority. The document describes the nature of the breach and its possible consequeces.it also contains information on the parties that can provide additional information on the data breach to the Supervisory Authority.

What other information should the controller add?

Options

AThe information of local and national authorities that have been informed about the data breach.

BName and contact details of the subjects whose data may be breached.

CSuggested measures to mitigate the adverse consequences of the data breach.

DThe information needed to access the personal data that has been breached.

Question No: 15

MultipleChoice

The General Data Protection Regulation (GDRP) formalization the data subject's right to data portability.

What is the object of data portability?

Options

AThe controller has the light to move the data subject's personal data from one organization to another

BThe data subject has the right to move personal data concerning him or her.

CThe data subject has the right to move his/her data when moving to another county

DThe Supervisory Authority authorizes the movement of personal data.

Question No: 16

MultipleChoice

Personal data as defined in the General Data protection Regulation (GDPR) can be divided in several types.

''Data that directly or indirectly reveal someone's racial or ethnic background, political/philosophical/religious, views, union affiliation and data related to health or sexual habits."

What type of personal data is described?

Options

ADirect personal data

BIndirect personal data

CPseudonymized data

DSensitive personal data

Question No: 17

MultipleChoice

The General Data protection Regulation (GDRP) is based on the principle of proportionality and subsidiarity.

What is the meaning of proportionality in this context?

Options

APersonal data can only be processed in accordance with the purpose specification.

BPersonal data cannot be re-used without explicit and informed consent.

CPersonal data only is processed in case there are no other means to achieve the purposes.

DPersonal data must be adequate, relevant and not excessive in relation to the purposes.

Question No: 18

MultipleChoice

What is a responsibility Supervisory Authorities in EEA countries?

Options

AResearch on security bleaches of corporate information

BSupervision of all data processing operations controlled by a controller in an EEA country

CSupervision of all data processing operations where the data subjects are residents of an EEA courtly

Question No: 19

MultipleChoice

A controller can contract out the processing of personal data to another company, provided a written contract between these partners is in place.

Which clause in this contract is a responsibility of the-controller?

Options

ATo ensure that persons authorized to process the personal data have committed themselves to confidentially or are under an appropriate. Statutory obligation of confidentially

BTo make available all information necessary to demonstrate compliance with the obligations laid down in the GDRP and also for and contribute to audits, including inspections.

Cprocesses the personal data only on documented instructions. Including with regard to transfers of personal data to a third country or an international organization

DTo provide sufficient guarantees for appropriate technical and organizational measures in such a manner that processing will meet the requirements of the GDRP.

Question No: 20

MultipleChoice

What is the of Data Life cycle Management (DLM)?

Options

AEnsuring that an adequate level of data protection is in place during some of the stages in the data life cycle.

BGuaranteeing that personal data is processed in compliance with the GDRP during its lifetime.

CManaging personal data in a way that guarantees the data is accurate and kept up to dale