Weekend Sale 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sale65best

Free IAPP CIPP-A Practice Exam with Questions & Answers | Set: 2

Questions 11

Besides the Personal Data Protection Act (PDPA), which of the following is a potential source of privacy protection for Singapore citizens?

Options:
A.

Constitutional protections of personal information.

B.

International agreements protecting privacy.

C.

The tort of invasion of privacy.

D.

Breach of confidence law.

IAPP CIPP-A Premium Access
Questions 12

Which of the following is NOT a substantial source of privacy protection for Hong Kong citizens?

Options:
A.

The Communications and Surveillance Ordinance.

B.

The Universal Declaration of Human Rights.

C.

The Bill of Rights Ordinance.

D.

The Basic Law.

Questions 13

Which provision of Hong Kong's Personal Data (Privacy) Ordinance (PDPO) strengthens the purpose limitation principle (DPP3)?

Options:
A.

Notice; because the data subject must be provided with the purpose of the collection.

B.

Public domain; because the data subjects must agree to the purpose before their information is made publicly available.

C.

Prescribed consent; because the data subject must give express consent to their personal information being used for additional purposes.

D.

Finality; because the purpose for collection of personal information from the subject must be directly related to a function of the collector.

Questions 14

In June 2011, the Hong Kong Privacy Commissioner determined that data subject consent is NOT valid if it is what?

Options:
A.

Provided by the data subject solely in verbal form.

B.

Used for a directly related but separate purpose.

C.

Bundled with other terms of the agreement.

D.

Intended for direct marketing purposes.

Questions 15

In which situation would a data intermediary based in Singapore be liable for breaches against the PDPA?

Options:
A.

When it fails to provide an individual access to his or her data.

B.

When it does not provide anonymous transactions with an individual.

C.

When it fails to inform an individual it is processing data from a controller.

D.

When it processes data contrary to the provisions established in the contract.

Questions 16

What clarification did India make in a 2011 Press Note regarding their Sensitive Personal Data Rules?

Options:
A.

That the rules apply to data subjects located outside of India.

B.

That the rules apply to persons or companies collecting sensitive data within India.

C.

That the data processor must provide notice to the data subject before data is processed.

D.

That sensitive personal data or information includes passwords, financial information, medical records, and

biometric information.

Questions 17

SCENARIO – Please use the following to answer the next QUESTION:

Singabank is a boutique bank in Singapore. After being notified during the hiring process, Singabank employees are subject to constant and thorough monitoring and tracking through CCTV cameras, computer monitoring software and keyboard loggers. Singabank does this to ensure its employees are complying with Singabank's data security policy. Bigbank is now considering acquiring Singabank's retail banking division. As part of its due diligence, Bigbank is seeking for Singabank to disclose to it all of its surveillance material on its employees, whether or not they are part of the retail banking division. Jimmy works in Singabank's investment banking division.

What would make Singabank's monitoring of its employees illegal?

Options:
A.

If the employees did not explicitly consent to it.

B.

If the bank's data security policy was being overhauled.

C.

If the bank collected employees' sensitive personal information.

D.

If the employees were not provided contact information to ask QUESTION NO:s about the monitoring.

Questions 18

Which method ensures the greatest security when erasing data that is no longer needed, according to the Hong Kong Office of the Privacy Commissioner?

Options:
A.

Strip-shredding paper copies of data.

B.

Crosscut shredding paper copies of data.

C.

Deleting electronic files containing data.

D.

Reformatting USB memory devices containing data.

Questions 19

Which Hong Kong body has recommended legislation that provides for the right of civil action to be taken when private information is publicly disclosed?

Options:
A.

Hong Kong's Court of Final Appeal.

B.

Hong Kong Law Reform Commission.

C.

Office of the Privacy Commissioner for Personal Data.

D.

Standing Committee of the National People's Congress of the PRC.

Questions 20

Which personal data element is NOT considered a special category of data under the General Data Protection Regulation (GDPR)?

Options:
A.

Physical or mental health data.

B.

Financial information.

C.

Race or ethnic origin.

D.

Political opinions.

Exam Code: CIPP-A
Certification Provider: IAPP
Exam Name: Certified Information Privacy Professional/Asia (CIPP/A)
Last Update: Jul 19, 2025
Questions: 90

How to Pass CIPP-A Exams

PDF + Testing Engine
$164.99
$57.75
Add to Cart
Testing Engine
$124.99
$43.75
Add to Cart
PDF (Q&A)
$104.99
$36.75
Add to Cart

IAPP Related Exams

How to pass IAPP CIPP-E - Certified Information Privacy Professional/Europe (CIPP/E) Exam
How to pass IAPP CIPP-C - Certified Information Privacy Professional/ Canada (CIPP/C) Exam
How to pass IAPP CIPP-US - Certified Information Privacy Professional/United States (CIPP/US) Exam
CIPM - Certified Information Privacy Manager (CIPM)
CIPT - Certified Information Privacy Technologist (CIPT)
PLS_Ethics_Exam - Privacy Law Specialist - Ethics Exam
AIGP - Artificial Intelligence Governance Professional
CIPT-B - Certified Information Privacy Technologist Beta Exam
IAPP Free Access
Get IAPP Full Access

IAPP Free Exams
IAPP Free Exams
Prepare effectively for IAPP certification exams with free study resources and practice tests from Examstrack.