| Question.51 A corporation does not have a formal data destruction policy. During which phase of a criminal legal proceeding will this have the MOST impact? (A) Sentencing (B) Trial (C) Discovery (D) Arraignment |
51. Click here to View Answer
Correct Answer: C
| Question.52 What is considered the BEST explanation when determining whether to provide remote network access to a third-party security service? (A) Contract negotiation (B) Supplier request (C) Business need (D) Vendor demonstration |
52. Click here to View Answer
Correct Answer: C
| Question.53 The acquisition of personal data being obtained by a lawful and fair means is an example of what principle? (A) Collection Limitation Principle (B) Openness Principle (C) Purpose Specification Principle (D) Data Quality Principle |
53. Click here to View Answer
Correct Answer: A
| Question.54 Which of the following is the MOST appropriate control for asset data labeling procedures? (A) Categorizing the types of media being used (B) Logging data media to provide a physical inventory control (C) Reviewing off-site storage access controls (D) Reviewing audit trails of logging records |
54. Click here to View Answer
Correct Answer: A
| Question.55 What is the BEST approach to anonymizing personally identifiable information (PII) in a test environment? (A) Swapping data (B) Randomizing data (C) Encoding data (D) Encrypting data |
55. Click here to View Answer
Correct Answer: B