Which of the following is an example of drone “swarming”?
What is an Access Control List?
Which is likely to reduce the types of access controls needed within an organization?
Organizations understand there are aggregation risks associated with the way the process their
a. They typically include the details of this aggregation risk in a privacy notice and ask that all
customers acknowledge they understand these risks and consent to the processing.
What type of risk response does this notice and consent represent?
What risk is mitigated when routing video traffic through a companys application servers, rather
than sending the video traffic directly from one user to another?
In day to day interactions with technology, consumers are presented with privacy choices. Which of
the following best represents the Privacy by Design (PbD) methodology of letting the user choose a
Which of the following would be the most appropriate solution for preventing privacy violations
related to information exposure through an error message?
What logs should an application server retain in order to prevent phishing attacks while minimizing
Which of the following modes of interaction often target both people who personally know and are
strangers to the attacker?
A company seeking to hire engineers in Silicon Valley ran an ad campaign targeting women in a
specific age range who live in the San Francisco Bay Area.
Which Calo objective privacy harm is likely to result from this campaign?
What privacy risk is NOT mitigated by the use of encrypted computation to target and serve online
When analyzing user data, how is differential privacy applied?
Between November 30th and December 2nd, 2013, cybercriminals successfully infected the credit
card payment systems and bypassed security controls of a United States-based retailer with malware
that exfiltrated 40 million credit card numbers. Six months prior, the retailer had malware detection
software installed to prevent against such an attack.
Which of the following would best explain why the retailers consumer data was still exfiltrated?
Which of the following is the least effective privacy preserving practice in the Systems Development
Life Cycle (SDLC)?
Which of the following functionalities can meet some of the General Data Protection Regulation’s
(GDPR’s) Data Portability requirements for a social networking app designed for users in the EU?