CIPT® Sample Questions

An IAPP Publication
v5.1
About the IAPP CIPT Sample Questions

The IAPP CIPT Sample Questions are designed to support your preparation for the CIPT
certification exam. Developed using IAPP study resources as well as subject matter
experts’ practical knowledge of the topics set forth in the IAPP’s CIPT Body of
Knowledge, the sample questions can help identify your relative strengths and
weaknesses in the major domains of the CIPT Body of Knowledge.

All items on the IAPP CIPT Sample Questions were reviewed for accuracy at the time
of publication.

The IAPP CIPT Sample Questions were developed independently of the CIPT
certification exam and are not intended to represent actual CIPT certification
exam content.

Your performance on the IAPP CIPT Sample Questions is not a

predictor of your performance on the CIPT certification exam.

Do you have questions or comments?

Please contact us at [email protected]

The CIPT Sample Questions and references may not be reproduced

in any manner other than for use by the original purchaser.

CIPP, CIPP/US, CIPP/C, CIPP/E, CIPP/G, CIPM, CIPT and IAPP are registered trademarks of the
International Association of Privacy Professionals, Inc. registered in the U.S. CIPP, CIPP/E, CIPM, CIPT
and IAPP are also registered in the EU as Community Trademarks (CTM). IAPP is a registered trademark
in Brazil.
© 2022 by the International Association of Privacy Professionals (IAPP). All rights reserved. No part of
this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any
means, mechanical, photocopying, recording or otherwise, without the prior, written permission of the
publisher, International Association of Privacy Professionals, Pease International Tradeport, 75 Rochester
Ave., Portsmouth, NH 03801, United States of America.
Instructions

1. Remove/Print a copy of the Answer Sheet.

2. To simulate a timed test, set a timer for 40 minutes.

3. Complete the test without referring to the Answer Key or References.

4. Check your answers against the Answer Key.

5. For each correct response, write a “1” in the corresponding domain

column of the Answer Key.

6. Add up the number of correct answers under each domain column.

7. To compare how you did in each domain, calculate your scores as a

percent:

a. Divide the number of correct answers by the total number of

questions in that domain
b. Multiply that number by 100

8. Consult the References for detailed explanations of each answer and the
section of the Body of Knowledge to which the question relates.

© 2021 by the International Association of Privacy Professionals (IAPP). All rights reserved.
CIPT Sample Questions

1. Which of the following may pose a “client side” privacy risk?

A. An employee loading personal data on a company laptop.

B. Failure of a firewall that is protecting the company’s network.
C. A distributed denial of service (DDoS) attack on the organization.
D. A remote employee placing communication software on a company server.

2. You are browsing the web and shopping for new patio furniture. You then open your
favorite social media app and begin to scroll through the posts. While doing so, you start
noticing ads for patio furniture. This is an example of what?

A. Direct marketing.
B. Individual advertising.
C. Behavioral advertising.
D. Indirect marketing.

3. Which of the following privacy practices would be most useful to users who are not
knowledgeable about protecting their personal information?

A. Choice.
B. Control.
C. Notice.
D. Consent.

4. Which of the following privacy-related principles would be the main concern during the
data usage stage of the data life cycle?

A. Transparency.
B. Data minimization.
C. Storage limitation.
D. Purpose limitation.

5. Under the EU’s General Data Protection Regulation (GDPR), which of the following types
of information would NOT require notification to a supervisory authority in the event of a
personal data breach?

A. Pseudonymized data.
B. Anonymized data.
C. Reidentified data.
D. Deidentified data.

© 2021 by the International Association of Privacy Professionals (IAPP). All rights reserved.
6. Authentication can be accomplished by a variety of mechanisms. Which are the four main
categories?

A. What you know, when you know, where you are, what you are.
B. What you know, what you have, when you know, where you are.
C. What you know, what you have, where you are, what you are.
D. What you know, what you have, where you are, when you know.

7. The acronym PGP stands for:

A. Protect Good People.

B. Planned Group Protocol.
C. Pretty Good Privacy.
D. Parsed Group Protocol.

8. Julie needs to securely transfer a file containing personal data to Katlyn. They decide to
use asymmetric encryption. Select the correct steps that Julie and Katlyn should use.

A. Julie encrypts the file using her own private key and Katlyn decrypts the file using her
own public key.
B. Julie encrypts the file using Katlyn’s public key and Katlyn decrypts the file using her
own private key.
C. Julie encrypts the file using her own public key and Katlyn decrypts the file using
Julie’s public key.
D. Julie encrypts the file using Katlyn’s private key and Katlyn decrypts the file using
Julie’s public key.

9. When purchasing a product from TripeType’s website, a customer must enter basic
information into a purchase form. A link to TripeType’s privacy statement is provided on
the purchase form. However, it does not disclose that it will use personal information for
other purposes. The statement provides that TripeType will store the customer
information in its database. A month later, TripeType’s sales team wants to generate new
leads and decides to use the information collected from customers. This is an example of
what?

A. Secondary use.
B. Involuntary use.
C. Disapproved use.
D. Selective use.

© 2021 by the International Association of Privacy Professionals (IAPP). All rights reserved.
10. Which of the following explains why it is difficult to regulate what individually identifiable
data is?

A. Many people mistakenly expose personal information online.

B. Personal information means different things to different people.
C. Most legislative bodies are hesitant to enact laws about identifiable data.
D. Data that is not overtly identifiable can be combined to identify individuals.

11. Ubiquitous computing can raise significant concerns about the sheer volume of data that
can be collected by a system. Each of the following are necessary considerations when
utilizing a data collection process that falls into this category EXCEPT which?

A. The system should provide end-users with both feedback and control.
B. The system should have obvious value.
C. The retention of data by the system should be limited.
D. The data collected by system should be aggregated and made available to all users.

12. In creating a registration form for a mobile app directed at grade school children, what
privacy engineering objective is addressed by asking for grade level instead of date of
birth?

A. Disassociability.
B. Manageability.
C. Security.
D. Predictability

13. Which of the following is NOT an example of automated decision-making?

A. Receiving an answer to a support question utilizing a chatbot.

B. Obtaining approval for insurance through an online application.
C. Requesting an emailed catalog from an online retailer.
D. Setting airfare based on browser history and date of purchase.

14. Which of the following circumstances would best be addressed by utilizing radio frequency
identification (RFID) technology?

A. An organization has a high error rate for entering credit card data into its POS system.
B. An organization requires two-way communication between its discoverable devices.
C. An organization needs to develop an encryption-supported network.
D. An organization’s inventory process is taking too long.

© 2021 by the International Association of Privacy Professionals (IAPP). All rights reserved.
15. What type of interference occurs when false or inaccurate information on a credit
application results in denial of credit?

A. Decisional.
B. Intrusion.
C. Disclosure.
D. Appropriation.

16. Which of the following is an objective for privacy engineering?

A. Encryption.
B. Anonymization.
C. Manageability.
D. Audit.

17. Which of the following technologies allows individuals to participate in a salary survey
without revealing the specific salary or personal information of any of the participants?

A. Secure multiparty computation.

B. Digital rights management.
C. Ciphertext.
D. Homomorphic encryption.

18. An organization wants to enter into a contract with a third-party cloud provider for
storage of client personal information. The business head is entering into this agreement
to eliminate risk associated with a data breach by transferring the information to the
third-party processor. She asks you if this is a good way to eliminate breach risk. Please
choose the best response from the choices below.

A. Third party processors have sole liability for the data they process, because the data is
in their possession. We can rely on the security program of the third party since they
did not report a data breach in the previous 12 months.
B. Under most privacy and data protection laws, following a data breach, an organization
retains liability for personal data that it has collected and transferred to third party
processors. Third party processors may share liability for the breach as well. We
should routinely validate data protection controls of third parties we are doing
business with to make sure our client data is protected properly.
C. Organizations can transfer data to a third party to avert all liability for damages
resulting from a data breach. We can use contract language to eliminate the need for
third party due diligence.
D. Organizations can only be liable for data breaches if an individual brings a lawsuit. A
government agency is able to investigate the organization but can only issue orders to
the organization to correct deficiencies in the information security program. Money
penalties are only available to individual plaintiffs, or as a result of a class action.

© 2021 by the International Association of Privacy Professionals (IAPP). All rights reserved.
19. When creating a data inventory, it is important to include a range of detailed information
on the company's data assets. This information should include how the data is accessed
and by whom, how the data is managed, who owns it, where the data is stored, and the
____________ that defines the individual data records and what they contain.

A. Structured data.
B. Schema.
C. Metadata.
D. Dictionary.

20. Testing during software development generally consists of which two sets of activities?

A. Implementation and deployment.

B. Alpha and beta testing.
C. Validation and verification.
D. Runtime monitoring and auditing.

21. A marketing lead has collected a large data set of personal information and stored it in a
shared folder. The marketing lead controls who has access to the shared folder. The type
of access control being used is:

A. Discretionary.
B. Mandatory.
C. Attribute-Based.
D. Rule-Based.

22. Vulnerability is determined by what two factors?

A. Probability and confidentiality.

B. Capability and portability.
C. Confidentiality and integrity.
D. Capability and probability.

23. Low-level design concerns the details of the overall design of the system and focuses on
improving the quality of programming practices through each of the following mechanisms
EXCEPT:

A. Information hiding.
B. Threat modeling.
C. Reusing existing standard API libraries.
D. Loose coupling.

© 2021 by the International Association of Privacy Professionals (IAPP). All rights reserved.
SCENARIO
Use the following to answer questions 24-25:

You have been tasked with developing an incident response process for your employer,
BrandEnt Company, a media entertainment company.

As the senior manager of information privacy, you have been creating privacy-related
procedures for the company. There has been an uptick in the number of privacy-related
questions being sent to customer service through the website’s generic portal, and the
customer service reps are unsure of what to do with the questions. This has led to the
director of privacy asking that you work with the IT department to identify, track and resolve
privacy-related incidents, as well as with the Information Security team to leverage their
existing incident-management process.

As you review the questions, you notice that many customers are asking what personal
information BrandEnt has collected about them. You grow concerned as you notice that
customer service representatives are not always responding to these inquiries. The website
doesn’t have a portal dedicated to asking privacy-related questions, and instead a general
customer service portal form is being used. This form only requests the customer’s name and
their email address. The site does not require authentication to get to this portal. For
responses that have been processed, the customer service representatives sent compressed
files containing all data collected regarding the individual and sent it to the email provided.

You reach out to the Information Security team to request access to their incident ticketing
system to determine if the existing process can be leveraged. As you review the incident
tickets, you notice several security incidents related to data breaches. After speaking with
the Information Security team lead, you learn that the tickets were closed after the
vulnerabilities were patched and the system owners were notified.

24. Which common privacy principle is missing at BrandEnt?

A. Use limitation.
B. Collection limitation.
C. Security safeguard.
D. Data quality.

25. What follow up should be done regarding the data breaches that have already occurred?

A. Review the fixes applied for the vulnerability and verify that it was applied on all
affected systems.
B. Review the information that was breached and determine what levels of notification
are required.
C. Send a notification to all customers notifying them of the breach.
D. Nothing is required as the security team reviewed and closed the incident.

(End of Sample Questions)

References
© 2021 by the International Association of Privacy Professionals (IAPP). All rights reserved.
1. The correct answer is A. Body of Knowledge Domain V(C): Privacy Engineering (Privacy
Design Patterns)
Client-server architecture describes the relationship between the client, which is
typically a program that runs on a local computer, and the server, which is the program
that runs on a remote computer. One advantage of this architectural paradigm is that it
allows the service to store computer data on the client side for the purpose of completing
transactions. Storing data on the client may introduce privacy risks if the client data is
insecure, or if the storage of this data is not clear to the user and serves the purpose of
surveillance or identification when the user would otherwise prefer to remain anonymous.

2. The correct answer is C. Domain: III(D): Privacy Threats and Violations (Intrusion,
Decisional Interference and Self Representation)
Behavioral advertising is typically utilized online and is the practice of targeting
advertisements using a profile of an individual based on the websites they visit over time.
Online advertisers collect information about a user's browsing behavior and then present
ads based on that data. Concerns around the potential for discriminatory practices and
other misuse of the data contained in the users’ profiles have caused behavioral
advertising to be the subject of significant scrutiny and debate.

3. The correct answer is C. Body of Knowledge Domain I(A): Foundation Principles (Privacy
Risk Models and Frameworks)
Too often privacy notices are not readable, people do not understand what they consent
to, and people are not aware of certain data practices or the privacy settings or controls
available to them. The challenge is that an emphasis on meeting legal and regulatory
obligations is not sufficient to create privacy interfaces that are usable and useful for
users. Usable means that people can find, understand and successfully use provided
privacy information and controls. Useful means that privacy information and controls align
with users’ needs with respect to making privacy-related decisions and managing their
privacy.

4. The correct answer is D. Body of Knowledge Domain I(D): Foundation Principles (The Data
Life Cycle)
The principal of purpose limitation states that personal information should not be
disclosed, made available or otherwise used for purposes other than those disclosed at the
time of collection (unless necessary to comply with the law) without the express consent
of the individual. For example, when an employee provides their home address for payroll
purposes, it should not be disclosed to others for a holiday card exchange without the
employee’s express consent. Implementing data governance policies to manage the flow
of information throughout the life cycle can help to mitigate the risk of improper use of
personal information.

5. The correct answer is B. Body of Knowledge Domain II(B): The Role of IT in Privacy
(Information Security)

© 2021 by the International Association of Privacy Professionals (IAPP). All rights reserved.
Anonymous information, under the GDPR, is personal data that does not relate to an
identified or identifiable natural person or which has been rendered anonymous in such a
manner that the data subject is not or no longer is identifiable. This type of data is not
subject to the GDPR; therefore, the breach notification requirements would not apply.
However, when anonymizing data, data technologists must test the result to ensure that
the individual cannot be reidentified through any means, otherwise, the data is
considered pseudonymized.

6. The correct answer is C. Body of Knowledge Domain IV(B): Technical Measures and Privacy
Enhancing Technologies (Techniques)
Authentication mechanisms fall into four main categories:
1. What you know—secret knowledge held only by the individual corresponding to the
identity;
2. What you have—authentication requires an object possessed by the individual;
3. Where you are—the location matches the expected location; and,
4. What you are—biometric data from the individual.
These mechanisms vary in terms of their ability to be defeated, ease of use, cost and
privacy implications.

7. The correct answer is C. Body of Knowledge Domain IV(B): Technical Measures and Privacy
Enhancing Technologies (Techniques)
Pretty Good Privacy (PGP) is an alternative to the S/MIOME protocol for encrypting email.
PGP uses a model called the Web of Trust for its public key infrastructure. In this model,
individuals create their own public keys and then publish them either on a web page or by
uploading the key to the PGP key server.

8. The correct answer is B. Body of Knowledge Domain IV(B): Technical Measures and Privacy
Enhancing Technologies (Techniques)
Asymmetric encryption algorithms use one key to encrypt data and a second key to
decrypt the data. These keys are typically called the public and private keys, and as a
result asymmetric cryptography is frequently called public key cryptography because one
key is made publicly available and the other key is kept private.

Since Katlyn will be receiving the file, she will need to be able to decrypt it. Therefore,
she provides Julie with a public key to encrypt the file. Once Julie sends it to Katlyn,
Katlyn will use her matching private key to decrypt the file.

9. The correct answer is A. Domain III(B): Privacy Threats and Violations (During Use)
Secondary use involves using an individual’s information without consent for purposes
unrelated to the original reasons for which it was collected. This is in violation of some
privacy laws and regulations, including the European General Data Protection Regulation
(GDPR). Additionally, this conflicts with the principle of purpose specification which
states, in part, that use of personal information should be limited to the fulfillment of the
purpose for which that information is collected.
10. The correct answer is D. Body of Knowledge Domain III(B): Privacy Threats and Violations
(During Use)

© 2021 by the International Association of Privacy Professionals (IAPP). All rights reserved.
While data that is not about an individual is obviously not covered, and data that is
individually identified clearly is, there is a large middle area of data that is not overtly
identified but may be identifiable. Little guidance has been given as to exactly how much
information is needed to cross the threshold into individually identifiable data.

11. The correct answer is D. Body of Knowledge Domain VII(D): Technology Challenges for
Privacy (Ubiquitous Computing)
Ubiquitous computing refers to the transition of computing from purpose-built,
independent computing devices, such as a traditional laptop computer, to computing that
occurs at all times and in all places, such as that seen in smart cities and internet-of-
things devices. As computing occurs ubiquitously, the types and amount of data that can
be collected at scale raise important concerns about privacy, tracking and surveillance.
Important requirements for end-user acceptance of this paradigm from a privacy
perspective include ensuring: the system provides end-users with both feedback and
control, the system has obvious value, and the retention of data is limited.

12. The correct answer is A. Body of Knowledge Domain V(B): Privacy Engineering (Privacy
Engineering Objectives)
Disassociability is the minimization of connections between data and individuals to the
extent compatible with system operational requirements. This minimization can take
many forms, from maximally disassociated data in the form of high-level aggregated data,
for example, to de-identified records pertaining to distinct individuals. Disassociability
can also take the form of architectural data separation, in which identifiable personal
information is kept segregated, but still linkable to, transactional data.

13. The correct answer is C. Body of Knowledge Domain VII(A): Technology Challenges for
Privacy (Automated Decision-Making)
Automated decision-making is the process of making a decision by automated means
without any human involvement, usually done by a computer algorithm. These decisions
can be based on factual data, as well as on digitally created profiles or inferred data.
Automated decision-making can be very useful for organizations and may also benefit
individuals. They can lead to quicker and more consistent decisions, particularly in cases
where a very large volume of data needs to be analyzed and decisions made very
quickly. However, there are risks with automated decision-making. Examples of some of
the risks:
• Automated decision-making uses collected data, in most cases large amounts of
collected data; the more data an organization has, the higher the risk.
• People may not understand how automated decision-making works or how it
affects them.
• Automated decision-making may result in unintentional profiling by an
organization, which individuals may not expect and which the organization has not
disclosed.

14. The correct answer is D. Body of Knowledge Domain VII(B): Technology Challenges for
Privacy (Tracking and Surveillance)

© 2021 by the International Association of Privacy Professionals (IAPP). All rights reserved.
RFID chips are tiny microchips that can be as small as a fraction of a millimeter. Each
microchip is identified by a unique serial number and contains an antenna with which it
transmits information, such as its serial number, to an RFID reader. RFID chips can be
placed on products or cards…for tracking purposes. They are commonly used in supply
chain management to allow companies to track inventory.

15. The correct answer is A. Body of Knowledge Domain III(D): Privacy Threats and Violations
(Intrusion, Decisional Interference and Self Representation)
Decisional interference is any action by an external party, such as a government or
commercial entity, that interferes with decisions that affect the person’s daily life, such
as to borrow money or to obtain lawful employment. Since this form of interference can
be concealed in complex business or IT processes, it may not be easily recognizable by the
person about whom the decision is made, as they may be unaware of the decision-making
process, or the decision itself may be hidden from the person.

Steps the privacy technologist can take:

• Include cross-checks for accuracy when information is transferred from a manual
form into an electronic form
• Ensure that backup storage mechanisms allow for updating information
• Include individuals in the review of their information

16. The correct answer is C. Body of Knowledge Domain V(B): Privacy Engineering (Privacy
Engineering Objectives)
NIST’s Privacy Engineering Program has proposed three privacy engineering objectives
intended to be the privacy version of the traditional security objectives of confidentiality,
integrity, and availability (C-I-A). Predictability aims to enable reliable assumptions about
a system, particularly its data and the processing of that data, by all stakeholders.
Manageability refers to the ability to granularly administer personal information, including
modification, disclosure and deletion. Disassociability is the minimization of connections
between data and individuals to the extent compatible with system operation
requirements.

17. The correct answer is A. Body of Knowledge Domain IV(B): Technical Measures and Privacy
Enhancing Technologies (Techniques)
Secure multiparty computation allows two or more computers to participate in a
computation and compute a mathematical result without otherwise revealing private
information. For example, five people can get together and compute their average
salaries without revealing individual salaries to anyone; not to each other and not to a
third party.

18. The correct answer is B. Body of Knowledge Domain II(B): The Role of IT in Privacy
(Information Security)

© 2021 by the International Association of Privacy Professionals (IAPP). All rights reserved.
Transfer the risk—If there are other entities that can do a better job managing the risk,
transferring the risk may be the best option. For example, using third-party services that
can manage payroll, payment and other financial services using high privacy and security
standards may be preferable to developing an equivalent system from the ground up. This
is especially important when using a compliance model, where these third-party services
have been engineered to conform to specific privacy laws, such as the variety of data
breach notification laws. While the original organization may still bear ultimate legal
responsibility, it has nonetheless transferred relevant risks in part to the third-party
service, as it is the service that must contend with those risks at an operational level.

19. The correct answer is C. Body of Knowledge Domain II(A): The Role of IT in Privacy
(Fundamentals of Privacy-Related IT)
“Meta” is a prefix meaning “an underlying description” in information technology usage.
Metadata is information that is automatically or manually added to content and that can
be later accessed and used during processing or by applications. It describes either a data
set or individual data records and provides information about that data.

20. The correct answer is C. Body of Knowledge Domain VI(A): Privacy by Design Methodology
(The Privacy by Design Process)
Testing may be considered the most crucial phase of software development with regard to
implementing a privacy-friendly design. Testing consists of two parts: verification and
validation. Verification ensures the resultant system performs the way it is supposed to
perform. Validation ensures the requirements satisfy the needs of the intended user base.

21. The correct answer is A. Body of Knowledge Domain IV(B): Technical Measures and Privacy
Enhancing Technologies (Techniques)
Access-control systems differ in their approaches to specifying policy. Access-control
models are typically based around subjects, the users or programs who may be granted or
denied access, and objects, the resources to which access is being regulated. Access-
control systems differ by who is authorized to configure the access-control policy. In
mandatory access control (MAC), policy is set by administrators; users have no ability to
change the policy, even for their own data. In contrast, discretionary access control (DAC)
systems allow users to change the access-control policies for the data they own.

22. The correct answer is D. Domain III(E): Technical Measures and Privacy Enhancing
Technologies (Software Security)
Vulnerability (an issue that could be exploited, e.g., weakness in an information system,
poor procedures) is determined by capability and probability: what skills and resources
are available to a threat actor and what may impede the threat actor from violating
privacy?
• Introducing controls serves as impediments that help increase difficulty and reduce
vulnerability.
• Creating a cyber defense infrastructure support using firewalls to prevent
malicious network traffic helps to manage a system’s vulnerabilities.
• An organization’s incident response plan may be used in the event of an attack.

© 2021 by the International Association of Privacy Professionals (IAPP). All rights reserved.
23. The correct answer is B. Body of Knowledge Domain VI(A)(f): Privacy by Design
Methodology (The Privacy by Design Process)
In low-level design, privacy technologists engage in improving the quality of programming
practices, including how well they meet privacy standards and requirements.
Opportunities for improving programming are done via coding practices, such as
information hiding and loose coupling, and the reuse of standard libraries and
frameworks. Information hiding identifies data that has been assigned to specific levels of
classification and restricts access to that data via limited class functions. Loose coupling
reduces objects’ dependency on other objects and helps to control the flow of
information. Reusing existing libraries of standard application programming interfaces
(APIs) reduces the risk of defects in source code and can be used to improve
confidentiality and integrity in support of privacy.

Threat modeling is used to identify risks to a system based on concrete scenarios and
considers the negative outcomes enabled by a particular threat agent or type of agent.

24. The correct answer is C. Body of Knowledge Domain I(A): Foundation Principles (Privacy
Risk Models and Frameworks)
The 1980 OECD Guidelines provide a foundational and international standard for privacy.
The guidelines contain principles that are not found in the FTC’s FIPPs, such as the
collection limitation principle. The OECD security safeguard principle states that
reasonable measures must be taken to protect data from unauthorized use, destruction,
modification or disclosure of personal information. BrandEnt does not have appropriate
methods for verifying customers prior to releasing personal information, which could
result in unauthorized disclosure of that information to the wrong party.

25. The correct answer is B. Body of Knowledge Domain II(B): The Role of IT in Privacy
(Information Security)
There may be circumstances where a previously undisclosed use of data is occurring or
through circumstances beyond the control of an organization (a data breach) data is used
in a manner inconsistent with the original disclosure. In these cases, it is imperative that
the organization make the individual aware of such new use of data, possibly giving the
individual opportunity to take corrective or remedial efforts to avoid adverse
consequences.

© 2021 by the International Association of Privacy Professionals (IAPP). All rights reserved.
ANSWER SHEET

1 A B C D 2 A B C D 3 A B C D 4 A B C D

5 A B C D 6 A B C D 7 A B C D 8 A B C D

9 A B C D 10 A B C D 11 A B C D 12 A B C D

13 A B C D 14 A B C D 15 A B C D 16 A B C D

17 A B C D 18 A B C D 19 A B C D 20 A B C D

21 A B C D 22 A B C D 23 A B C D 24 A B C D

A B C D
END
25

This page may be reproduced.

© 2021 by the International Association of Privacy Professionals (IAPP). All rights reserved.
Answer Key
Item Correct Foundational The Role of Privacy Technical Privacy Privacy by Technology
Number Answer Principles IT in Privacy Threats and Measures Engineering Design Challenges
Violations and Privacy Methodology for Privacy
Enhancing
Technologies

1 A
2 C
3 C
4 D
5 B
6 C
7 C
8 B
9 A
10 D
11 D
12 A
13 C
14 D
15 A
16 C
17 A
18 B
19 C
20 C
21 A
22 D
23 B
24 C
25 B

SUMMARY ___ of 3 ___ of 4 ___ of 5 ___ of 5 ___ of 3 ___ of 2 ___ of 3

correct correct correct correct correct correct correct
PERCENTAGE
(# correct/#
total) x 100

This page may be reproduced.

© 2021 by the International Association of Privacy Professionals (IAPP). All rights reserved.