Online Access Free EXIN.PDPF.v2021-09-15.q87 Practice Test (Page 10)

PDPF Exam Question 41

According to art 33 of the General Data Protection Regulation (GDPR) the controller shall without undue delay and, where feasible, not later than 72 hours after having become aware of it. Notify the personal data breach to the Supervisory Authority What to the maximum partially for non-compliance with this obligation

A.€ 20.000.000 or 4% of the annual global turnover, whichever is higher

B.€ 10 000.000 or 2% of the annual global tumor, whichever is higher

C.Up to € 500.000 with a minimum of € 120.000

D.Up to € B20.000 with a minimum of € 350.000

PDPF Exam Question 42

A German company wants to enter into a binding contract with a processor in the Netherlands for the processing at sensitive personal data of German data subjects. The Dutch Supervisory Authority is informed of the type of data and the aims of the processing, including the contract describing what data will be processed and what data protection procedures and practices will be in place.
According to the GDPH, what should the Dutch Supervisory Authority do in this scenario?

A.Report the data processing to the German Supervisory Authority and leave the supervising to them.

B.Supervise the processing of personal data in accordance with Dutch Law.

C.Supervise the processing of personal data in accordance with German Law.

D.The Dutch Supervisor Authority should check that adequate binding contracts are in place. The German Supervisory Authority should supervise.

PDPF Exam Question 43

Which case is a data breach according to the GDPR?

A.Personal data is processed without a binding contract.

B.illegally obtained corporate data from a human resources management system.

C.Personal data is processed by anyone other than the controller, Processor or, possibly, subprocessor.

D.The operation of a vulnerable server in the network of the processor.

PDPF Exam Question 44

Important technical requirements set out in the General Data Protection Regulation (GDPR) are about quality. One is the obligation to ensure appropriate security, including protection against authentication against unauthorized or unlawful processing.
What is another important technician requirement?

A.To ascertain that personal data collection is adequate, relevant and limited to what is necessary in relation to the purposes

B.To control that data collected for specified, explicit and legitimate purposes is not further processed for other purposes

C.To keep personal data accurate and up to date, ensuring, that inaccurate data are erased or rectified without delay

D.To make sure that personal data is processed lawfully, fairly and in a transparent manner in relation to the data subject

PDPF Exam Question 45

What is a description of data protection by design and by default?

A.Not holding more data than is strictly required for processing

B.An indication of timeframes if processing relates to erasure

C.Data may only be collected for explicit and legitimate purposes

D.An approach that implements data protection from the start (Correct)

Latest Upload: 149CBIC.CIC.v2025-09-13.q75; 151Cisco.700-841.v2025-09-13.q131; 145SAP.C_ABAPD_2507.v2025-09-12.q56; 128SAP.C_TS452_2022.v2025-09-12.q83; 211ACSM.020-222.v2025-09-11.q48; 166VMware.5V0-31.23.v2025-09-10.q73; 138Oracle.1z0-915-1.v2025-09-10.q24; 173Citrix.1Y0-231.v2025-09-10.q87; 148SAP.C-THR85-2505.v2025-09-09.q29; 188Adobe.AD0-E727.v2025-09-09.q76

PDPF Exam Question 41

PDPF Exam Question 42

PDPF Exam Question 43

PDPF Exam Question 44

PDPF Exam Question 45

Download PDF File