IAPP CIPP/C Exam - Topic 3 Question 16 Discussion

Actual exam question for IAPP's CIPP/C exam

Question #: 16
Topic #: 3

Which of the following accurately describes the purpose of a particular federal enforcement agency?

AThe National Institute of Standards and Technology (NIST) has established mandatory privacy standards that can then be enforced against all for-profit organizations by the Department of Justice (DOJ).

BThe Cybersecurity and Infrastructure Security Agency (CISA) is authorized to bring civil enforcement actions against organizations whose website or other online service fails to adequately secure personal information.

CThe Federal Communications Commission (FCC) regulates privacy practices on the internet and enforces violations relating to websites' posted privacy disclosures.

DThe Federal Trade Commission (FTC) is typically recognized as having the broadest authority under the FTC Act to address unfair or deceptive privacy practices.

Show Suggested Answer

Suggested Answer: D

by Eladia at Oct 23, 2022, 04:21 AM

Limited Time Offer

25%

Off

Get Premium CIPP/C Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Marion

6 months ago

D is definitely the most accurate here, no doubt about it!

upvoted 0 times

...

Susana

6 months ago

FCC regulates internet privacy? I thought that was just for telecoms.

upvoted 0 times

...

Sharika

6 months ago

Wait, CISA can actually bring civil actions? That’s news to me.

upvoted 0 times

...

Chauncey

6 months ago

Totally agree, FTC has the broadest authority for privacy issues!

upvoted 0 times

...

Arletta

7 months ago

NIST doesn't enforce privacy standards, that's DOJ's job.

upvoted 0 times

...

Tess

7 months ago

I thought NIST set standards but wasn't sure they had enforcement power like the DOJ. That makes me lean away from A.

upvoted 0 times

...

Sunny

7 months ago

I feel like I saw a question similar to this in practice exams, and I think the FTC does have broad authority, so D seems likely.

upvoted 0 times

...

Gilma

7 months ago

I'm not entirely sure, but I think CISA has some authority over cybersecurity, but I'm not confident about the specifics.

upvoted 0 times

...

Essie

7 months ago

I remember studying about the FTC and its role in privacy enforcement, so I think option D might be the right choice.

upvoted 0 times

...

Lashandra

7 months ago

Hmm, I think this is asking where we can access the Compliance Manager tool. Let me think about the different Microsoft admin centers I know of.

upvoted 0 times

...

Latonia

7 months ago

Hmm, I'm a bit unsure about this one. I'll have to carefully read through the options and see if I can eliminate any of them.

upvoted 0 times

...

Glen

7 months ago

I remember studying that zero-based budgeting can really help avoid complacency, which is a good thing for charities that need to be efficient with funds.

upvoted 0 times

...