CIPT Exam Practice Questions and Correct Verified Answers
0 view 0 purchase
Course
CIPT
Institution
CIPT
Active collection
Data directly from subject
Passive collection
Data without the participant Knowing
First Party
Providing information directly to collector
Surveillance
Collecting data through observed behaviors like online searches or websites
Repurposing
Previously collected data u...
CIPT Exam Practice Questions and
Correct Verified Answers
Active collection
✓ Data directly from subject
Passive collection
✓ Data without the participant Knowing
First Party
✓ Providing information directly to collector
Surveillance
✓ Collecting data through observed behaviors like online searches or websites
Repurposing
✓ Previously collected data used for a different purpose
Third Party
✓ Previously collected data is transferred to a third party
Explicit Consent
Top Mark !!!
, Top Mark Questions and Correct Verified Answers
✓ User takes an action
Implicit Consent
✓ Does not require user permission
Privacy by design
✓ 1. Proactive not reactive, 2. Privacy by Default, 3. Privacy Embedded in Design,
4. Full Functionality (Positive Sum, not zero sum, 5. End to End Securty, 6.
Visibility and Transparency, 7. Respect for privacy
Fair Information Principles (FIPPS)
✓ A privacy risk model that restricts collection of data to only what is needed or for
its intended purpose. Do not collect additional data that is not needed for
intended purpose.
Calo's Subjective/Objective Dichotomy
✓ A privacy risk model that focuses on privacy harms based on two categories:
Subjective Harm (perceives a harm that may not be observable or measure and
can cause fear and anxiety) and Objective Harm (privacy has been violated or
direct harm is known and is measurable and observable).
interrogation
✓ Actively questioning an individual or otherwise probing for information
Top Mark !!!
, Top Mark Questions and Correct Verified Answers
Aggregation
✓ combining multiple pieces of information about an individual to produce a whole
that is greater than the sum of its parts.
Contextual Integrity
✓ A risk model that states that privacy problems arise out of disruption of
informational norms. More specifically, personal information should be in
alignment with informational norms that apply to the particular context.
Solove's Taxanomy
✓ Model that attempts to order different harms that may arise from infringements
in privacy. The taxonomy is split into four categories: 1) Information Collection,
2) Information processing, 3) Information dissemination and 4) Invasion.
NIST Privacy Risk Model
✓ A risk model that is embedded in its Privacy Risk Assessment Methodology
(PRAM) and explicitly addrssees vulnerabilities, adverse events and the relative
likelihoods and impacts of those events.
NICE Framework
✓ Divides computer security into the following categories: Securely provision
(Tasks to develop software to be secure), Operate and Maintain, Protect and
Defend and Investigate (plan for investigating an attack).
Top Mark !!!
, Top Mark Questions and Correct Verified Answers
Factors Analysis in Information Risk (FAIR)
✓ Model that breaks down risk by its constituent parts and then breaks it down
further to estimate risk. The model asks how often a violation occurs and over
what time period and what impact will that violation have?
Design Thinking Process
✓ Five stages: Empathize (Research user's needs), Define (state users needs and
problems, Ideate (challenge assumptions and create ideas), prototype (create
solutions) and Test (try out solution).
Value-Sensitive Design
✓ Design approach that accounts for ethical values, such as privacy, in addition to
usability-oriented design goals. Here are the steps for Value-sensitive design: 1)
Clarify project values, 2) Identify the direct and Indirect stakeholders, 3) Identify
the benefits and hams for stakeholders, 4) Identify and elicit potential values 5)
Develop working definistions of key values, 6) Identify potential value tensions
and 7) Value-oriented design and development.
Privacy Notices
✓ External documents that informs users of an organizations practices, values and
commitments concerning their personal data.
Privacy Policies
✓ Internal documents that inform employees on how to protect consumer data.
Top Mark !!!
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller TopMarks1. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $14.49. You're not tied to anything after your purchase.
