🔐
Cyber Security Medium

Data Privacy and Protection

15 cybersecurity trivia questions and answers online spanning data privacy and protection regulations.

15 Questions
30s Per Question
0+ Plays
← All Cyber Security Quizzes 📚 Study Guide for this category →
💡 Create account to save scores & earn XP
📋 View All 15 Questions & Answers

1. What does 'data subject' refer to in privacy regulations?

  • A. The individual whose personal data is being collected or processed ✓
  • B. The organization collecting data
  • C. A type of software
  • D. A type of hardware

💡 A 'data subject' refers to the individual whose personal data is being collected, stored, or otherwise processed.

2. What does 'GDPR' stand for?

  • A. General Data Protection Regulation ✓
  • B. Global Data Privacy Rule
  • C. General Digital Protection Regulation
  • D. Global Data Protection Requirement

💡 GDPR stands for General Data Protection Regulation, a European Union law governing data protection and privacy.

3. What does 'personally identifiable information' (PII) refer to?

  • A. Information that can be used to identify a specific individual ✓
  • B. Publicly available general information only
  • C. A type of encryption
  • D. A type of firewall

💡 Personally identifiable information (PII) refers to any data that can be used to identify a specific individual.

4. What is a 'data retention policy'?

  • A. Guidelines determining how long data should be kept before being securely deleted ✓
  • B. A policy for collecting more data indefinitely
  • C. A type of encryption standard
  • D. A type of firewall rule

💡 A data retention policy establishes guidelines for how long different types of data should be kept before secure deletion.

5. What does 'data controller' refer to in privacy law?

  • A. The entity that determines the purposes and means of processing personal data ✓
  • B. The individual whose data is collected
  • C. A type of software
  • D. A type of hardware

💡 A 'data controller' is the entity that determines why and how personal data is processed, bearing key legal responsibilities.

6. What is 'data minimization' in privacy practices?

  • A. Collecting only the data necessary for a specific purpose ✓
  • B. Collecting as much data as possible
  • C. Deleting all data immediately
  • D. Sharing all data publicly

💡 Data minimization is the practice of collecting only the personal data necessary to accomplish a specific, defined purpose.

7. What does 'consent' typically require in data privacy regulations like GDPR?

  • A. Clear, informed, and voluntary agreement before collecting or using personal data ✓
  • B. Automatic data collection without notification
  • C. Only a general terms of service agreement
  • D. No requirement at all

💡 Regulations like GDPR typically require clear, informed, and voluntary consent before personal data can be collected or used.

8. What does 'third-party data sharing' typically involve?

  • A. An organization sharing collected data with other companies or entities ✓
  • B. Data that never leaves the collecting organization
  • C. A type of encryption
  • D. A type of firewall

💡 Third-party data sharing involves an organization sharing collected data with other companies, partners, or entities.

9. What is a 'privacy policy'?

  • A. A document explaining how an organization collects, uses, and protects personal data ✓
  • B. A type of software license
  • C. A type of firewall configuration
  • D. A type of encryption standard

💡 A privacy policy is a document that explains how an organization collects, uses, stores, and protects personal data.

10. What is 'data anonymization'?

  • A. Removing or altering personal identifiers so data cannot be linked to a specific individual ✓
  • B. Making data publicly available
  • C. Encrypting data without altering identifiers
  • D. Deleting all data permanently

💡 Data anonymization removes or alters personal identifiers so that the remaining data cannot be traced back to a specific individual.

11. What is 'HIPAA' primarily concerned with in the United States?

  • A. Protecting the privacy and security of health information ✓
  • B. Protecting financial data only
  • C. Regulating internet speed
  • D. Regulating hardware manufacturing

💡 HIPAA is a US law primarily concerned with protecting the privacy and security of individuals' health information.

12. What is the purpose of a 'data protection officer' (DPO) in an organization?

  • A. Overseeing data protection strategy and compliance with privacy regulations ✓
  • B. Managing hardware purchases only
  • C. Managing internet speed
  • D. Managing software licensing only

💡 A data protection officer oversees an organization's data protection strategy and ensures compliance with relevant privacy regulations.

13. What is 'privacy by design'?

  • A. Incorporating privacy protections into systems and processes from the outset ✓
  • B. Adding privacy measures only after a breach occurs
  • C. Ignoring privacy considerations entirely
  • D. A type of encryption algorithm only

💡 'Privacy by design' incorporates privacy protections into the design of systems and processes from the very beginning.

14. What does 'right to be forgotten' refer to in data privacy?

  • A. An individual's right to request the deletion of their personal data ✓
  • B. The right to access unlimited free services
  • C. The right to unlimited data storage
  • D. The right to ignore privacy laws

💡 The 'right to be forgotten' allows individuals to request that organizations delete their personal data under certain conditions.

15. What is the primary purpose of GDPR?

  • A. Protecting the personal data and privacy of individuals within the European Union ✓
  • B. Increasing internet speed across Europe
  • C. Regulating hardware manufacturing
  • D. Standardizing software pricing

💡 GDPR's primary purpose is protecting the personal data and privacy rights of individuals within the European Union.

More Cyber Security Quizzes

View all Cyber Security quizzes →