IAPP CIPT Exam - Topic 5 Question 77 Discussion

Actual exam question for IAPP's CIPT exam

Question #: 77
Topic #: 5

An organization is launching a new online subscription-based publication. As the service is not aimed at children, users are asked for their date of birth as part of the of the sign-up process. The privacy technologist suggests it may be more appropriate ask if an individual is over 18 rather than requiring they provide a date of birth. What kind of threat is the privacy technologist concerned about?

AIdentification.

BInsecurity.

CInterference.

DMinimization.

Show Suggested Answer

Suggested Answer: B

an alternative technique to counter the reduction in use of third-party cookies, where web publishers may consider utilizing data cached by a browser and returned with a subsequent request from the same resource to track unique users is called browser fingerprinting.

by An at Dec 22, 2023, 02:23 PM

Limited Time Offer

25%

Off

Get Premium CIPT Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Ricarda

7 months ago

Interesting point, but isn't it just easier to verify age?

upvoted 0 times

...

Ivette

7 months ago

I think it's more about insecurity, honestly.

upvoted 0 times

...

Minna

7 months ago

Wait, is it really that big of a deal?

upvoted 0 times

...

Sabra

7 months ago

Totally agree, asking for DOB can lead to data leaks.

upvoted 0 times

...

Edward

8 months ago

Sounds like a classic case of identification risk.

upvoted 0 times

...

Monte

8 months ago

I feel like this could also relate to interference, but I lean more towards identification being the main threat here. It's tricky!

upvoted 0 times

...

Cecily

8 months ago

This reminds me of a practice question we did about data minimization. Maybe that's what the technologist is hinting at by suggesting a simpler question?

upvoted 0 times

...

Trinidad

8 months ago

I'm not entirely sure, but I think the privacy technologist is worried about insecurity. It seems like a valid concern with personal data.

upvoted 0 times

...

Janessa

8 months ago

I remember discussing how asking for a date of birth could lead to identification risks, especially if that information gets into the wrong hands.

upvoted 0 times

...

Marguerita

8 months ago

The key here is that the service is not aimed at children, so the privacy technologist is likely trying to minimize the collection of personal information. I'd go with the answer about minimization.

upvoted 0 times

...

Lynelle

8 months ago

I'm a bit confused here. Is the issue about insecurity? Maybe the privacy technologist is worried that storing date of birth information could make the system more vulnerable to breaches or misuse.

upvoted 0 times

...

Verlene

8 months ago

I think the answer is minimization. The privacy technologist is suggesting a way to collect less personal information while still achieving the same goal, which aligns with the principle of data minimization.

upvoted 0 times

...

Major

8 months ago

Hmm, I'm not sure about this one. Could it be about identification? Asking for a date of birth could make it easier to identify individuals, which might be a privacy concern.

upvoted 0 times

...

Oneida

8 months ago

This question seems straightforward. The privacy technologist is likely concerned about minimization, as asking for a date of birth instead of just whether someone is over 18 could lead to the collection of more personal information than necessary.

upvoted 0 times

...

Barrett

9 months ago

Hmm, I'm a bit unsure about this one. I'll need to double-check the Azure Firewall documentation to make sure I understand the deployment constraints and limitations.

upvoted 0 times

...

Carey

9 months ago

Okay, let me think this through. The QoS profile is for quality of service, so that's not it. The DoS Protection profile and policy both sound like they could be related to SYN flood protection, so I'll go with those.

upvoted 0 times

...

Johnetta

1 year ago

Haha, I bet the privacy technologist is just trying to avoid another 'Y2K' situation. Can't be too careful with those date fields, you know!

upvoted 0 times

...

Lazaro

1 year ago

This is a tricky one. I'm going to go with B, insecurity. Asking for the date of birth could make the system less secure and more vulnerable to hacking or other security breaches.

upvoted 0 times

Judy

11 months ago

D) Minimization.

upvoted 0 times

...

Johnathon

11 months ago

C) Interference.

upvoted 0 times

...

Jenise

11 months ago

B) Insecurity.

upvoted 0 times

...

Mariko

1 year ago

A) Identification.

upvoted 0 times

...

Madelyn

1 year ago

Hmm, I'm not sure. Could it be interference? Maybe the privacy technologist is worried that the date of birth could be used to interfere with the user's online activities or privacy in some way.

upvoted 0 times

Jacquelyne

1 year ago

C) Interference.

upvoted 0 times

...

William

1 year ago

B) Insecurity.

upvoted 0 times

...

Lucy

1 year ago

A) Identification.

upvoted 0 times

...

Sabra

1 year ago

I think the answer is minimization. The privacy technologist wants to minimize the amount of personal information collected by only asking if the user is over 18, rather than requiring their exact date of birth.

upvoted 0 times

Carmen

1 year ago

C) Interference.

upvoted 0 times

...

Craig

1 year ago

B) Insecurity.

upvoted 0 times

...

Brittni

1 year ago

A) Identification.

upvoted 0 times

...

Jeannine

1 year ago

The privacy technologist is concerned about identification. Asking for a date of birth could lead to the user's identity being revealed, which is a privacy risk.

upvoted 0 times