Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Iapp Discussions
exam questions

Exam CIPT All Questions

View all questions & answers for the CIPT exam
Go to Exam

Exam CIPT topic 1 question 9 discussion

Actual exam question from IAPP's CIPT
Question #: 9
Topic #: 1
[All CIPT Questions]

SCENARIO -
Kyle is a new security compliance manager who will be responsible for coordinating and executing controls to ensure compliance with the company's information security policy and industry standards. Kyle is also new to the company, where collaboration is a core value. On his first day of new-hire orientation, Kyle's schedule included participating in meetings and observing work in the IT and compliance departments.
Kyle spent the morning in the IT department, where the CIO welcomed him and explained that her department was responsible for IT governance. The CIO and
Kyle engaged in a conversation about the importance of identifying meaningful IT governance metrics. Following their conversation, the CIO introduced Kyle to
Ted and Barney. Ted is implementing a plan to encrypt data at the transportation level of the organization's wireless network. Kyle would need to get up to speed on the project and suggest ways to monitor effectiveness once the implementation was complete. Barney explained that his short-term goals are to establish rules governing where data can be placed and to minimize the use of offline data storage.
Kyle spent the afternoon with Jill, a compliance specialist, and learned that she was exploring an initiative for a compliance program to follow self-regulatory privacy principles. Thanks to a recent internship, Kyle had some experience in this area and knew where Jill could find some support. Jill also shared results of the company's privacy risk assessment, noting that the secondary use of personal information was considered a high risk.
By the end of the day, Kyle was very excited about his new job and his new company. In fact, he learned about an open position for someone with strong qualifications and experience with access privileges, project standards board approval processes, and application-level obligations, and couldn't wait to recommend his friend Ben who would be perfect for the job.
Ted's implementation is most likely a response to what incident?

  • A. Encryption keys were previously unavailable to the organization's cloud storage host.
  • B. Signatureless advanced malware was detected at multiple points on the organization's networks.
  • C. Cyber criminals accessed proprietary data by running automated authentication attacks on the organization's network.
  • D. Confidential information discussed during a strategic teleconference was intercepted by the organization's top competitor.
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by k4d4v4r at Nov. 15, 2021, 9:46 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
waterdogs
2 months, 4 weeks ago
Selected Answer: D
C doesnt make sense because the cyber criminals are doing authentication attacks, how would encryption of data on the network layer guard against that? chatgpt says it should be D: "The most likely reason for Ted's implementation of a plan to encrypt data at the transportation level of the organization's wireless network would be to address the risk of data being intercepted during transmission. This suggests that the implementation is likely a response to an incident where confidential information was intercepted during communication. Therefore, the correct answer is: D. Confidential information discussed during a strategic teleconference was intercepted by the organization's top competitor."
upvoted 2 times
...
Ssourav
3 months, 2 weeks ago
Selected Answer: C
C. Cyber criminals accessed proprietary data by running automated authentication attacks on the organization's network is indeed a strong candidate because encryption at the transportation level (such as securing the wireless network) would be a direct response to protecting data from unauthorized access, especially within the organization's premises. This type of encryption is designed to prevent cybercriminals from intercepting or accessing data as it moves across the internal network, which aligns with the scenario described in option C.
upvoted 1 times
...
ChaBum
2 years, 8 months ago
Selected Answer: C
C is the only answer related to local network, and encrypting data passing through the WiFi only protect the LAN.
upvoted 2 times
...
ChaBum
2 years, 8 months ago
C is the only answer related to local network, and encrypting data passing through the WiFi only protect the LAN.
upvoted 1 times
...
187san
2 years, 11 months ago
Selected Answer: D
its D , rest responses does not make sense
upvoted 2 times
ChaBum
2 years, 8 months ago
teleconferences are most likely to pass through Internet because you want to interact with people outside your premises, encrypting the wireless network will only protect the data inside you premise.
upvoted 1 times
...
...
k4d4v4r
3 years ago
Why A and not D? Wireless has nothing to do with cloud
upvoted 2 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel