IAPP CIPP/US Exam - Topic 8 Question 10 Discussion

Actual exam question for IAPP's CIPP/US exam

Question #: 10
Topic #: 8

Which of the following accurately describes the purpose of a particular federal enforcement agency?

AThe National Institute of Standards and Technology (NIST) has established mandatory privacy standards that can then be enforced against all for-profit organizations by the Department of Justice (DOJ).

BThe Cybersecurity and Infrastructure Security Agency (CISA) is authorized to bring civil enforcement actions against organizations whose website or other online service fails to adequately secure personal information.

CThe Federal Communications Commission (FCC) regulates privacy practices on the internet and enforces violations relating to websites' posted privacy disclosures.

DThe Federal Trade Commission (FTC) is typically recognized as having the broadest authority under the FTC Act to address unfair or deceptive privacy practices.

Show Suggested Answer

Suggested Answer: D

by Fernanda at May 03, 2022, 02:53 PM

Limited Time Offer

25%

Off

Get Premium CIPP/US Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Barney

4 months ago

Yeah, FTC is the go-to for unfair practices, no doubt about it!

upvoted 0 times

...

Callie

5 months ago

FCC's role is more about communications, not really privacy enforcement.

upvoted 0 times

...

Frederica

5 months ago

Wait, CISA can actually bring civil actions? That's news to me.

upvoted 0 times

...

Avery

5 months ago

Totally agree, FTC has the broadest authority for privacy issues!

upvoted 0 times

...

Pamela

5 months ago

NIST doesn't enforce privacy standards, that's not their role.

upvoted 0 times

...

Glory

5 months ago

I practiced a question similar to this, and I think D is correct because the FTC does handle unfair practices, but I’m a bit unsure about the specifics.

upvoted 0 times

...

Clay

5 months ago

The FTC definitely has a strong role in privacy issues, but I feel like the FCC might also have some authority over internet practices.

upvoted 0 times

...

Leslie

5 months ago

I remember something about CISA, but I can't recall if they actually have enforcement power. I thought they mainly provided guidance.

upvoted 0 times

...

Justine

5 months ago

I think NIST sets standards, but I'm not sure if they can enforce them directly. That sounds more like the DOJ's role.

upvoted 0 times

...

Adolph

5 months ago

I'm a bit confused by the media port range options. I'll need to double-check the Cisco documentation to make sure I understand the implications of each choice.

upvoted 0 times

...

Vanda

5 months ago

Okay, let's see. We have 500 desktops, each peaking at 75 IOPS, and a 30/70 read/write ratio. I think I can use that to calculate the total IOPS.

upvoted 0 times

...