1. Which of the following framework functions in the Privacy Framework Core best describes the function that would include categories such as identity management, authentication, and access control, as well as data security? - answer-Protect
2. Which of the following framework functions in the P...
CPA ISC Missed MCQs
1. Which of the following framework functions in the Privacy Framework Core best describes the
function that would include categories such as identity management, authentication, and access control,
as well as data security? - answer-Protect
2. Which of the following framework functions in the Privacy Framework Core best describes how the
organization should drive dialogue around privacy risks related to data processing activities? - answer-
Communicate
3. Which of the following organizations would most likely be considered a covered entity under the
Health Insurance and Portability Act (HIPAA)? - answer-A business specializing in physical therapy for
patients with knee and back issues, coordinating with each patients' primary physician
4. TampCorp is an organization based out of Italy specializing in the data processing of third-party
human resources data. TampCorp collects the human resource data on all clients and houses the
information on company servers located in northern Italy, but the processing is conducted remotely
from the United States. Which of the following best describes TampCorp's application of general data
protection regulation (GDPR)? - answer-TampCorp must comply with GDPR
5. Which CIS Control best describes using processes and tools to create, align, manage, and revoke
access credentials and privileges for user, administrator and service accounts for enterprise assets and
software? - answer-Control 6: Access Control Management
6. Which CIS Control best describes the establishment of a program to develop and maintain policies,
plans, procedures, defined roles, training, and communication to prepare, detect, and quickly react to an
attack? - answer-Incident Response Management
7. Under the COBIT core model, which of the following groups of objectives would best be classified as
Build, Acquire, and Implement (BAI)? - answer-Managed knowledge, managed organizational change,
and managed availability and capacity
8. Each of the following objectives falls within the domain Monitor, Evaluate, and Assess (MEA), except
for the following? - answer-Managed problems
, 9. Each of the following are components of the governance system except which of the following? -
answer-External stakeholders, culture, and competencies
10. A piece of hardware that connects devices within a network by reading and converting protocols so
that traffic can be transmitted across those devices is most likely which of the following network
components? - answer-Gateway
11. Which of the following best describes a benefit of using a cloud service provider (CSP)? - answer-
Redundancy and the ability to recover from a disaster is improved
12. Gibbs Energy Inc. is a power producer and distribution network operator that runs a power grid
which generates, transmits, and distributes power to customers. These core business functions require a
large amount of computing power to run highly customized software applications. These applications
often require modifications to the operating system. Since the usage of energy and computing power
varies, Gibbs rents servers, storage, and firewalls from a cloud service provider (CSP). What type of CSP
does Gibbs most likely use? - answer-Infrastructure-as-a-Service
13. A cloud service provider's vision is to provide reliable and consistent network connectivity for all
customers. Part of its corporate strategy for achieving that is heavily reliant on all of the following
except: - answer-Utilizing a community cloud deployment model
14. When evaluating a cloud service provider's data security measures, a company would appropriately
consider each of the following risk factors, except: - answer-The provider's vertical scalability
15. An accounting information system (AIS) is distinguished from an enterprise resource planning (ERP)
system by the fact that: - answer-An AIS stores financial data, whereas an ERP stores shipping data
16. Peame Mobile sells smartphones, tablets, and other supportive devices directly to consumers via its
online marketplace and in-store retail locations. Which of the following economic event and transaction
cycle pairings is correct? - answer-Loan payments for retail locations are made in the treasury cycle
17. Andrew is the CFO of a biotech company developing new drugs to combat mental illness. Andrew
needs an application allowing: every department to collab in real rime, manage requisitions, issue
purchase orders to vendors, project management needs to monitor research projet progress and project
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller TOPDOCTOR. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $10.49. You're not tied to anything after your purchase.
