Heads up: opening this section reveals every question, every option, and the correct answer for this round. If you came here to play, scroll up and hit Play first.
Question 1: What is the principle of collecting only the bare minimum personal data needed for a specific purpose?
- Data mapping
- Data minimization ✓ correct
- Purpose limitation
- Storage limitation
Explanation: Data minimization is a fundamental privacy principle that mandates organizations collect only the specific, essential information required to fulfill a clearly defined and legitimate business purpose.
Question 2: Which term describes the practice of deleting personal data once it is no longer needed for its original purpose?
- Transparency
- Data mapping
- Storage limitation ✓ correct
- Privacy by Design
Explanation: Anonymization is the technical process of removing or modifying personally identifiable information from a dataset so that the individuals involved can no longer be identified by anyone.
Question 3: What is the primary benefit of using Two-Factor Authentication (2FA)?
- It encrypts all outgoing emails
- It eliminates the need for passwords
- It adds a second form of verification ✓ correct
- It automatically updates software
Explanation: Two-Factor Authentication significantly enhances account security by requiring a second, independent form of verification, such as a mobile code, in addition to a standard password.
Question 4: What is the purpose of a password manager?
- To simplify creating and storing unique passwords ✓ correct
- To bypass the need for multi-factor security
- To track user browsing history
- To encrypt all files on a hard drive
Explanation: A privacy policy is a mandatory legal document that clearly explains how an organization collects, uses, discloses, and manages the personal data of its customers and users.
Question 5: What does 'Privacy by Design' involve in a product development workflow?
- Collecting data before defining the purpose
- Adding privacy features after a product launch
- Hiding privacy settings in complex menus
- Integrating privacy considerations from the outset ✓ correct
Explanation: Phishing is a deceptive cyberattack technique where malicious actors impersonate legitimate entities via email or messages to trick individuals into revealing sensitive personal or financial information.
Question 6: What is the main goal of end-to-end encryption in messaging?
- To ensure only sender and recipient can read content ✓ correct
- To store messages on a central server
- To allow intermediaries to read messages
- To speed up the delivery of messages
Explanation: End-to-end encryption ensures that digital communications remain private by encoding data so that only the sender and the intended recipient can decrypt and read the content.
Question 7: What is the organizational process of identifying what personal information an entity holds and where it flows?
- Transparency
- Data mapping ✓ correct
- Software updating
- Affirmative opt-in
Explanation: Data mapping is the systematic organizational process of identifying, documenting, and tracking the flow of personal information as it moves through various internal systems and external databases.
Question 8: Which practice requires users to actively select a checkbox to consent to data processing?
- Affirmative opt-in ✓ correct
- Data minimization
- Hidden agendas
- Pre-checked boxes
Explanation: A data breach occurs when sensitive, protected, or confidential information is intentionally or unintentionally released, viewed, stolen, or used by an unauthorized individual or entity.
Question 9: Why is keeping software updated considered an essential security practice?
- It changes the user interface
- It removes the need for passwords
- It includes critical security patches ✓ correct
- It increases the storage capacity
Explanation: Regularly updating software is a critical security practice because these updates frequently contain essential patches that protect systems against newly discovered vulnerabilities and potential cyber threats.
Question 10: What is the benefit of regularly reviewing app permissions?
- It creates a backup of all contacts
- It increases the speed of the device
- It automatically deletes old messages
- It prevents apps from accessing unnecessary data ✓ correct
Explanation: A strong password should be long, complex, and unique to each account to prevent unauthorized access through common techniques like credential stuffing or brute-force guessing attacks.