Weekend Sale 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sale65best

Free DSCI DCPP-01 Practice Exam with Questions & Answers

Questions 1

Select the element(s) of APEC cross border privacy rules system from the following list:

i. self-assessment

ii. compliance review

iii. recognition/acceptance by APEC members

iv. dispute resolution and enforcement

Please select correct option:

Options:
A.

i, ii and iii

B.

ii, iii, and iv

C.

i, iii and iv

D.

i, ii, iii and iv

DSCI DCPP-01 Premium Access
Questions 2

Which among the following is the Canadian privacy law?

Options:
A.

COPPA

B.

PIPEDA

C.

HIPAA

D.

IT Act of Canada

Questions 3

For negligence in implementing and maintaining the reasonable security practices and procedures for protecting Sensitive Personal Data or Information (SPDI) as mentioned in Section 43A and associated rules under IT (Amendment) Act, 2008, a corporate entity may be liable to pay compensation of up to___________

Options:
A.

Rs. 50,000,000

B.

Rs. 500,000,000

C.

Rs. 5,000,000

D.

Upper limit not defined

Questions 4

Which of the following provides the legal basis for an Adjudicating Officer in every Indian state & union territory, with the powers of a civil court, to hear complaints and order compensation to the affected individuals?

Options:
A.

Indian Civil Code

B.

Indian Criminal Procedure Code

C.

Telecom Regulatory Authority of India (TRAI) Act

D.

Information Technology Act, 2000 & Information Technology (Amendment) Act, 2008

Questions 5

Which of the following legislations/ guidelines do not cover the concept of trans-border data flow?

Options:
A.

OECD

B.

IT (Amendment) Act, 2008

C.

PIPEDA

D.

None of the above

Questions 6

Which of the following statements are true about the privacy statement of an organization?

Options:
A.

Content of the online privacy statement of an organization will depend upon the applicable laws, and may need to address requirements across geographical boundaries and legal jurisdictions

B.

As per privacy laws generally it is mandatory to mention the phone contact details of the owner of organization in the online privacy statement where customers can reach out in case of a grievance or incident

C.

Online privacy statement is an instrument to demonstrate to stakeholders how the organization gathers, uses, discloses, and manages personal data

D.

India’s Information Technology (Amendment) Act, 2008 does not require that privacy policy be published on the website

Questions 7

XYZ is a successful startup that acquired a respectable size & scale of operations in last 3 years, handling business process services for small & medium scale enterprises, largely in US & Europe. They are at the stage of closing a deal with a new banking client and working out the details of privacy related obligations in contract. Ensuring effective enforcement of which of the below listed privacy principles is client’s accountability, even after outsourcing its loan approval process to XYZ?

I. Notice

II. Choice and Consent

III. Collection Limitation

IV. Use Limitation

V. Access and Correction

VI. Security

VII. Disclosure to third Party

Please select the correct set of principles from below listed options:

Options:
A.

None of the above, since they are outsourcing the work to XYZ who will carry the liability going forward

B.

All except V and VI

C.

All except III

D.

All of the above listed privacy principles

Questions 8

A multinational company with operations in several parts within EU and outside EU, involves international data transfer of both its employees and customers. In some of its EU branches, which are relatively larger in size, the organization has a works council. Most of the data transferred is personal, and some of the data that the organization collects is sensitive in nature, the processing of some of which is also outsourced to its branches in Asian countries.

For exporting EU branch employees’ data to Asian Countries for processing, which of the following instruments could be used for legal data transfer?

Options:
A.

Customized contracts mandating ISO 27001 certification by the data processor

B.

Standard Contractual Clauses

C.

Binding Corporate Rules

D.

Safe Harbor

Questions 9

With respect to ‘Data Minimization’ privacy principle, please select the correct statements from the following:

Options:
A.

Right to object by the data subject for minimizing the collection of personal information

B.

Data controllers should limit the amount of data collected to what is directly relevant and necessary to accomplish a specified purpose

C.

Data controllers should retain the data only for as long as is necessary to fulfil the purpose for which it was collected

D.

Process of analyzing and minimizing the collected data into useful information

Questions 10

APEC privacy framework envisages common principles such as Notice, Collection limitation, Use Limitation, Access and Correction, Security/Safeguards, and Accountability. But it differs from the EU Data Protection Directive in which of the below aspect?

Options:
A.

APEC privacy framework does not deal with the usage of personal information

B.

APEC privacy framework does not mandate the binding treaties or directives for member countries

C.

APEC privacy framework does not have a provision for co-operation between privacy enforcement agencies of members

D.

APEC privacy framework does not deal with e-commerce

Exam Code: DCPP-01
Certification Provider: DSCI
Exam Name: DSCI certified Privacy Professional (DCPP)
Last Update: Jul 12, 2025
Questions: 122

DSCI Related Exams

DCPLA - DSCI Certified Privacy Lead Assessor
DSCI Free Access
Get DSCI Full Access

DSCI Free Exams
DSCI Free Exams
Examstrack offers free DSCI exam materials and practice tests to aid your DSCI certification journey.