4/16/24, 2:44 PM Compulsory Internal Assignment (CBCS SEMESTER PATTERN)
Compulsory Internal Assignment (CBCS SEMESTER
PATTERN) Upto C23 Batch
Welcome : SANGEETH P T (A22105PCI6110)
Subject Name : DATA PRIVACY(SPCI205) - Assessment - 1 Menu
1. What deals with the protection of an individual’s information that is implemented while using
the Internet on any computer or personal device?
Digital agony
Digital privacy
Digital secrecy
Digital protection
2. Which browser is used for Privacy purpose?
Chrome
Firefox
Opera
Tor
3. Most computer crimes are committed by
Hackers
International spies
Highly paid computer consultants
Web designers
4. A step for maintaining security of important data on a computer is known as
Data Backup
Data Protection
Data Locking
Data Securing
5. Most devastating loss to a company is
Loss of hardware
Loss of data
Loss of software
Loss of print outs
www.ideunom.ac.in/mcq/questionpaper_pg.php?eGprSTdzUmk0R3hKMDkyYWJrZTMzUzViZTFrTi9ISWVmbHdveEJ6Z2s4RlBBMEx2VVNCYkw… 1/4
�4/16/24, 2:44 PM Compulsory Internal Assignment (CBCS SEMESTER PATTERN)
6. What does the term 'accountability' mean in the GDPR?
The obligation to be able to demonstrate compliance with the GDPR
The obligation to explain non-compliance
The application of mechanisms that can reduce data protection risks
The implementation of a data protection policy
7. Which processing principle requires the personal data to be up to date?
Accuracy
Purpose limitation
Storage limitation
Integrity and confidentiality
8. The GDPR defines a certain data protection role as “... the natural or legal person, public
authority, agency or other body which, alone or jointly with others, determines the purposes and
means of the processing of personal data". Which role is this?
Processor
Controller
Supervisory authority
Data protection officer
9. Which of the following activities falls within the GDPR’s material scope?
Member States carrying out activities for the Common Foreign and Security Policy
Processing of personal data wholly or partly by automated means
Processing of personal data by natural persons in the course of a purely personal or
household activity
Processing of personal data by competent authorities for crime prevention
10. Which of the following is not an example of privacy-browser?
Tor
Brave
Epic
Opera
11. A Data Protection Officer (DPO) must be appointed
In all cases, regardless of the levels of data processing
If an organization processes any sensitive personal data relating to EU citizens
If an organization conducts large scale systematic monitoring or processes large amounts
of sensitive personal data
All of the above
12. Techniques for data protection by design include which of the following?
Cleansing
Pseudonymisation
Interpretation
All of the above
www.ideunom.ac.in/mcq/questionpaper_pg.php?eGprSTdzUmk0R3hKMDkyYWJrZTMzUzViZTFrTi9ISWVmbHdveEJ6Z2s4RlBBMEx2VVNCYkw… 2/4
�4/16/24, 2:44 PM Compulsory Internal Assignment (CBCS SEMESTER PATTERN)
13. Within which timeframe are organizations required to respond to data access requests?
40 days
1 month
10 Working days
1 Week
14. Complete the following statement: “Consent must be explicit…”
For all personal data
Only for children under the age of 16
In the case of sensitive personal data or trans-border data flow
In case of medical records of patients
15. Within what period of time is an organization required to notify a supervising authority about a
data breach?
Within 48 hours
Within 12 hours
Within 72 hours
Within 36 hours
16. Which of the following is NOT one of the five stages of the data lifecycle?
Storage
Destruction
Acquisition
Anonymization
17. One of the things that you could NOT do with the enterprise data protection framework is
Perform a gap analysis of existing data protection controls
Remediate data protection gaps
Address segregation of duties issues in an ERP system
Develop a roadmap for the enterprise data protection program
18. Which of the following service provider provides the least amount of built in security?
SaaS
PaaS
IaaS
All of the mentioned
19. Which of the following area of cloud computing is uniquely troublesome?
Auditing
Data integrity
e-Discovery for legal compliance
All of the mentioned
20. In which case must the controller inform the data subject of a personal data breach?
www.ideunom.ac.in/mcq/questionpaper_pg.php?eGprSTdzUmk0R3hKMDkyYWJrZTMzUzViZTFrTi9ISWVmbHdveEJ6Z2s4RlBBMEx2VVNCYkw… 3/4
�4/16/24, 2:44 PM Compulsory Internal Assignment (CBCS SEMESTER PATTERN)
The breach has resulted in the loss of encrypted personal data
The breach involved personal data that had been rectified
The breach is likely to result in high risk to the rights and freedoms of the data subject
The data subject had withdrawn consent to the processing before the breach occurred
SAVE
www.ideunom.ac.in/mcq/questionpaper_pg.php?eGprSTdzUmk0R3hKMDkyYWJrZTMzUzViZTFrTi9ISWVmbHdveEJ6Z2s4RlBBMEx2VVNCYkw… 4/4
