Glossary Tests
Revision 2.0.35
CIPP Guide's CIPP Prep Materials
CIPP__Glossary_Tests Page 1
Introduction
This booklet consolidates all of the tests from the CIPPguide website as of its date of
publication. Each chapter corresponds to a roughly 25-question test on the site. The
answers are included at the end of each chapter. Explanations may be found on the website
in the interactive test engine. Best of luck on the exam!
CIPP Glossary Tests 1
A. spambot
B. firewall
C. adblocker
D. spyware
A. is an ally of the EU
B. has signed a contract with the EU Data Protection Directive
C. has laws about individual rights that are similar to those of the EU Data
Protection Directive
D. has no limitations on transfers with countries in the European Economic Area
4. Which of the following are not considered adequate countries by the EU Data
Protection Directive?
A. the US
B. Switzerland
C. Argentina
D. Canada
A. parent companies
B. Competitors
C. Sister companies
D. Subsidiaries
A. spam
B. affiliate programs
C. pop-ups
D. consumer direction
A. hidden
B. behind a firewall
C. anonymous
D. performing an illegal act
11. How is authentication different from authorization?
12. What forms of messaging does the Australian SPAM Act of 2003 restrict?
A. fingerprint patterns
B. DNA
C. facial characteristics
D. all of the above
15. -------- are the routine activities undertaken by a company to ensure to their
customers, retailers, warehouses and related groups that the company's services
continue to run without interruption.
17. Activities for which a company may use personal information about a customer
(business need as related to a customer) include:
A. completing a transaction
B. sending "opt in" marketing communications
C. selling customer information to other entities
D. notifying consumers of an emergency in which the risk to their safety is greater
than the risk to their privacy
19. Which of the following is NOT true about the CAN-SPAM Act of 2003?
A. requires entities to get permission to send marketing emails that would qualify
as spam
B. is regulated by the Federal Trade Commission
C. requires commercial email to contain an unsubscribe function which they must
honor
D. requires commercial email to contain notice of adult related content and subject
lines representative of the offer it contains
20. -------- is a form of temporary storage in which a copy of a Web page is saved
to the user's computer or server to allow for faster accessing times
A. cookie
B. caching
C. duplication
D. HTML
A. customer relations
B. customer relationship management
C. customer communications
D. customer contact management
22. This high-level business executive is in charge of making sure the company
complies with all privacy laws and regulations.
A. privacy manager
B. Chief Executive Officer
C. Chief Privacy Officer
D. Chief Information Officer
24. The Children's Online Privacy Protection Act of 1998 (COPPA) requires all Web
sites geared towards children to include a privacy policy stating any personal
information that may be collected, how and when parental consent should be
obtained, and the responsibility the Web site has towards the safety and privacy of
the child. This law applies to children under the age of:
A. 10
B. 18
C. 15
D. 13
A. Web bug
B. clear GIF
C. spy graphic
D. tracker GIF
Answers
1. A, B, C
2. C
3. C, D
4. A
5. B
6. D
7. B
8. A, B, C
9. C
10. A, C
11. D
12. D
13. A, C, D
14. D
15. business continuity
16. B
17. A, B, D
18. C
19. A
20. B
21. D
22. C
23. B
24. D
25. A, B, D
CIPP Glossary Tests 2
A. collection
B. information gathering
C. information database management
D. personal data management
A. phone number
B. national ID number
C. salary information
D. age
16. This is the name for the formal language, originally created by IBM, that was
proposed to the World Wide Web Consortium in 2003 for writing privacy
policies dealing with data in IT systems for businesses and other entities:
17. What is the name for the networking card inside a computer, which contains a
personal signifier identifying that computer?
A. IP address
B. ethernet adapter address
C. router address
D. network address
18. What is the name of the most important legislation enacted by the European
Commission in 1996, regulating information privacy and use of personal data?
19. Which of the following are data protection principles addressed in the EU Data
Protection Directive?
A. transparency
B. data quality
C. business identity authentication
D. proportionality
20. The name for the economic association of European Countries that includes all
of the EU plus Iceland, Norway, and Liechtenstein, creating a single market?
22. What is the purpose of the European Works Council?
23. This US law regulates the collection, use and sharing of personal data. It
forms the basis of consumer rights in the United States. It specifically places
strict regulations on the use of consumer reports:
24. Which of the following are among the five principles established by the
Federal Trade Commission to govern fair information practices?
A. Regulation/Control
B. Notice/Awareness
C. Integrity/Security
D. Access/Participation
Answers
1. D
2. A, B, C
3. B
4. A, C
5. B
6. D
7. A, B, D
8. C
9. C
10. D
11. B
12. D
13. C
14. A, B, D
15. C
16. C
17. B
18. C
19. A, B, D
20. D
21. D
22. A, B, C
23. B
24. B, C, D
25. A, B, C
CIPP Glossary Tests 4
Questions
1. Which of the following is included under the Integrity/security fair information
principle?
A. router
B. firewall
C. ethernet adapter
D. encryption software
4. This is the term for the software that adds animation and interactivity on Web
pages:
A. HTML
B. JavaScript
C. Flash
D. Python
5. The general Data Protection Directive was created by what governing body?
A. the US
B. the EU
C. Canada
D. Australia
A. genetic screening
B. mandatory drug testing
C. mandatory DNA testing
D. genetic monitoring
A. genetic screening
B. mandatory drug testing
C. mandatory DNA
D. genetic monitoring
8. The Gramm-Leach-Bliley Act (GLBA) is also known under what name?
9. Which of the following changes were made under the Gramm-Leach-Bliley Act?
A. IP address
B. customer ID
C. Social Security Number
D. Global Unique Identifier (GUID)
A. health care
B. financial
C. information technology
D. internet businesses
12. Which of the following were new regulations instituted under HIPAA?
13. This is any computer connected to the internet or a network which holds
specific resources other computers within that network may need for accessing data
or information:
A. router
B. ethernet
C. host
D. database
14. Which of the following is an identifier for a computer and the organization
which owns it - specifically within a network?
15. Which of the following is the name for a feature within an electronic document
that, when activated, will bring the user to another location, either in the same
document or a new one (used widely on the internet)?
16. This is the standard computer language used in building Web pages.
18. This is when someone other than the data subject uses their personal
information (such as name, address, Social Security Number, etc.) to commit fraud:
A. mistaken identity
B. misuse of information
C. identity fraud
D. identity theft
19. When collecting data, what information must be given to the individual from
the collector?
20. If a data subject refuses to answer a required question during data collection,
do they forfeit their right to access?
A. yes
B. no
C. depends on the situation
D. only if they have a criminal record
22. This is a set of rules used by computers to communicate packets of data across
networks:
A. HTML
B. Internet Protocol (IP)
C. HTTP
D. encryption
23. 333.333.22.1; 163.45.729.22 - the above are examples of what type of address?
A. GUID
B. MAC
C. IP
D. LAN
A. a computer with a static IP address has the same address every time. A computer
with a dynamic IP address is temporarily assigned an address for each individual
session
B. a static IP address does not change within one session while a dynamic IP
address changes many times within a session to mask activities
C. a static IP address is temporarily assigned for each individual session. A
computer with a dynamic address has the same address every time.
D. None of the above
25. When an entity cuts all ties with a customer with the intent of never resuming
contact:
A. communication termination
B. account deletion
C. customer termination
D. isolation
Answers
1. A, C
2. D
3. B
4. C
5. B
6. D
7. A
8. C
9. A, B, C
10. D
11. A
12. B, C, D
13. C
14. D
15. B
16. A
17. A, C, D
18. D
19. D
20. B
21. A, B, D
22. B
23. C
24. A
25. D
CIPP Glossary Tests 5
Questions
1. JavaScript is defined as:
2. An entity that has the power to hear and rule on a court case is said to have
---- . (lower case)
A. end-communication list
B. suppression list
C. Do Not Call registry
D. No-contact database
5. What is a member state?
A. non-repudiation
B. conflict resolution
C. compromise
D. waived right to access
7. This is when an individual does not have the ability to opt out of receiving
communications from an entity
A. customer fraud
B. required communication
C. no-opt
D. waived right to access
A. notice
B. alert
C. privacy message
D. privacy document
11. This is the form of consumer agreement in which an individual actively chooses
to receive communications from an entity:
A. voluntary communication
B. opt-in
C. opt-out
D. messaging sign-up
12. This is the form of consumer agreement in which communication from an entity is
sent because a consumer has not yet expressed a wish to no longer receive
communication
A. involuntary communication
B. opt-in
C. opt-out
D. spam
13. This is when information is automatically collected from Web users when they
access a Web page:
A. information gathering
B. Web-related collection
C. internet collection
D. passive collection
A. access code
B. password
C. username
D. secret code
15. What is the name of legislation passed in 2001 which gave the US government
increased access to personal data and electronic activities?
A. CAN-SPAM Act
B. the Patriot Act
C. the Gramm-Leach-Bliley Act
D. HIPAA
16. What new requirement did the Patriot Act place on financial institutions
regarding personal data?
17. This is any individual with natural rights or any entity, such as a
corporation with legal rights:
A. person
B. being
C. man
D. protected individual
19. This is any data that can be used to identify an individual
22. Which of the following are part of the standards regarding information
collection under PIPEDA?
A. accuracy
B. child protection
C. individual access
D. accountability
A. IP address
B. Web site preferences tracked by cookies
C. email address
D. name
A. criminal activity
B. fraudulent collection
C. phishing
D. identity theft
25. This was written by the World Wide Web Consortium to set standards for the
creation and use of privacy friendly applications on the internet:
Answers
1. C
2. jurisdiction
3. B
4. B, C, D
5. C
6. A
7. C
8. A
9. A, B, C
10. D
11. B
12. C
13. D
14. B
15. B
16. D
17. A
18. B
19. A
20. C
21. A, D
22. A, C, D
23. B, C, D
24. C
25. B
CIPP Glossary Tests 6
Questions
1. This is when one government's laws override the laws of an inferior government:
A. bypass
B. pretexting
C. legislative overruling
D. preemption
2. Pretexting is:
5. The ability to withhold or limit the amount of information an individual may
share about himself or herself is considered:
A. privacy
B. evasion
C. disguise
D. freedom of speech
A. notification
B. mission statement
C. privacy statement
D. personal data objective
A. TRUSTe
B. BBBonline
C. phishing
D. Webtrust
A. database management
B. use and disclosure
C. customer management
D. processing of personal data
9. Profile Information such as an individual's car, zip code, or favorite movie is:
10. This set of rules governs how data is formatted and transmitted, particularly
within a network.
A. HTTP
B. HTML
C. Protocol
D. Encryption Management
A. anonymity
B. privacy
C. restricting access to the Web
D. faster loading times
13. This is information that can be found in newspapers, telephone directories and
other resources widely available:
A. public record
B. local listings
C. unprotected information
D. publicly available information
14. This is information the government may collect and maintain, made available to
the public:
A. public record
B. government listings
C. legitimate information
D. publicly available information
17. What are some of the differences between US and EU data protection regulations?
A. the EU may sometimes require pre-approval before the transmission of data and
the US does not
B. the EU requires one governing privacy authority for each member, while the US
uses a combination of different regulations and authorities
C. the EU limits transmission of data with other countries while the US does not
D. the US is not as concerned with privacy policy as the EU
20. This consists of all the policies, standards and technology that protect
information and support business function.
A. encryption
B. security controls
C. database management
D. customer relations management
21. Which of the following is considered sensitive personal information under the
EU Data Protection Directive?
A. religious beliefs
B. race
C. criminal convictions
D. telephone number
A. opt-out email
B. subscription email
C. scam email
D. spam
A. Web beacon
B. phishing
C. spyware
D. cookies
24. This is a form of authentication in which a public key of a user is linked with
a private key of a user and used to encrypt and decrypt information to allow for
secure transactions.
A. public certificate
B. strong authentication
C. transaction encryption
D. cryptography
A. affirmative consent
B. subscription
C. passive consent
D. preemption
Answers
1. D
2. B
3. C
4. C
5. A
6. C
7. A, B, D
8. D
9. B
10. C
11. A, C, D
12. C
13. D
14. A
15. B
16. C
17. A, B, C
18. C
19. D
20. B
21. A, B, C
22. D
23. C
24. B
25. A, B
CIPP Glossary Tests 7
Questions
1. This is the term for transmitting personal data between companies or countries
in order to complete business or customer transactions.
A. access
B. notice
C. transparency
D. participation
3. This company is the world's largest privacy seal program and serves as a
mediator in privacy disputes for US companies:
4. This is a system in which the user has access and control over all actions:
D. trusted system
A. Suppression
B. Subscription
C. Unsubscribe
D. Active Consent
A. Internet Explorer
B. HTML
C. HTTP
D. World Wide Web
9. This is a feature on a Web page containing blank fields for users to enter
information.
A. blank document
B. Web form
C. personal information collector
D. clear GIF
10. This computer is connected to the internet and receives HTTP requests from
other computers to view HTML documents, such as Web pages:
A. proxy server
B. Web database
C. Web server
D. network router
Answers
1. D
2. C
3. B
4. D
5. C
6. A, B
7. D
8. A
9. B
10. C