A Data Privacy Day Quiz

20 Questions | Total Attempts: 2232

SettingsSettingsSettings
Please wait...
Data Quizzes & Trivia

How much you are aware of your data privacy?


Questions and Answers
  • 1. 
    What is personal data/PII? (Personally Identifiable information)
    • A. 

      Any data that alone, or in combination with other information, can identify an individual

    • B. 

      Historical information published about a monument

    • C. 

      Any information of an employee

    • D. 

      Information or data that is stored in a vault

  • 2. 
    When collecting a customer’s personal information you must:
    • A. 

      Not collect personal information indiscriminately.

    • B. 

      Not deceive or mislead individuals about the purposes for collecting personal

    • C. 

      Limit the amount and type of information you collect to what is needed for the identified purposes.

    • D. 

      All of the above

  • 3. 
    The largest privacy and data breach affected how many people:
    • A. 

      100 People

    • B. 

      3 billion

    • C. 

      20,000

    • D. 

      500 million

  • 4. 
    What are examples of PII?
    • A. 

      Name

    • B. 

      Email

    • C. 

      Source Code

    • D. 

      All of the above

  • 5. 
    Phishing is only done through email.
    • A. 

      True

    • B. 

      False

  • 6. 
    What is the maximum data breach penalty, under the GDPR compliance directives?
    • A. 

      20,000,000 euros or up to 4% of annual turnover, whichever is greater

    • B. 

      10,000,000 euros or up to 1% of annual turnover, whichever is greater

    • C. 

      5,000,000 euros, job suspension and imprisonment for up to 5 years

    • D. 

      There is no maximum fine

  • 7. 
    GDPR applies to which types of individuals or organizations: 
    • A. 

      Any organization that processes personal data

    • B. 

      All data controllers and processors established in the EU and organizations that target EU resident

    • C. 

      Data controllers operating in the EU

    • D. 

      All of the above

  • 8. 
    Within what period of time is an organization required to notify a supervising authority about a data breach within the realm of GDPR?
    • A. 

      Within 48 hours

    • B. 

      Within 12 hours

    • C. 

      Within 24 hours

    • D. 

      Within 72 hours

  • 9. 
    Which of these is not a wise idea when it comes to password security?
    • A. 

      Using a password manager to securely store your login information.

    • B. 

      Writing your passwords down on a sticky note that you keep near your computer.

    • C. 

      Changing your passwords on a regular basis, such as every three-to-six months.

    • D. 

      Creating unique, long, complex passwords for each and every online account you have.

  • 10. 
    Organizations should protect personal information by which of the following methods:
    • A. 

      Physical measures, for example, shredding documents and locking desk drawers

    • B. 

      Organizational measures, for example, security clearances and limiting access on a “need-to-know” basis

    • C. 

      Technological measures, for example, the use of passwords and encryption

    • D. 

      All of the above

  • 11. 
    What is its main purpose?
    • A. 

      To protect people's personal information.

    • B. 

      To help police, doctors, army, etc. to get information.

    • C. 

      To help everyone find information.

    • D. 

      All of the above.

  • 12. 
    Who are data users?
    • A. 

      Data users use data for their own advantage breaking the Law.

    • B. 

      Data users file, store the data e.g. Doctors and Bankers.

    • C. 

      Data users use the data in databases.

    • D. 

      All of the above.

  • 13. 
    Who are the targets of modern-day hackers?
    • A. 

      Banks and finance companies who process a lot of payments.

    • B. 

      Any organisation or individual is liable to be the victim of hackers.

    • C. 

      Companies which hold a lot of proprietary information.

    • D. 

      Companies which hold credit card numbers of customers.

  • 14. 
    What is the best way to validate a legitimate email vs. a phishing email?
    • A. 

      Bad spelling, poor syntax and grammar are one of the tell-tale signs of a fake email.

    • B. 

      Look at the email headers to see where it really came from.

    • C. 

      Look for poorly replicated logos.

    • D. 

      Contact the sender on some other medium besides email to verify whether they sent you the email.

  • 15. 
    How often should you backup your data?
    • A. 

      Once a week.

    • B. 

      Once a month.

    • C. 

      In accordance with your organisation’s backup policy and the criticality of the data in question.

    • D. 

      Once a fortnight.

  • 16. 
    Where should you store the encryption passphrase for your laptop?
    • A. 

      On a sticker underneath your laptop’s battery as it’s not visible to anyone using the laptop.

    • B. 

      On a sticky note attached to the base of your laptop.

    • C. 

      In a password-protected Word file stored on your laptop.

    • D. 

      Use the password management tool supplied/authorised by your organisation.

  • 17. 
    Which one of the following would be classified as sensitive personal data?
    • A. 

      Address

    • B. 

      CCTV Video

    • C. 

      Name

    • D. 

      Religion

  • 18. 
    After you have finished using someone's personal data, what should you do with it?
    • A. 

      Pass it on to someone else

    • B. 

      Give it back to the owner

    • C. 

      Securely delete or destroy it

    • D. 

      Throw it out

  • 19. 
    How many principles of the Data Protection Act are there?(According to GDPR)
    • A. 

      5

    • B. 

      6

    • C. 

      7

    • D. 

      8

  • 20. 
    What is the person (or office) who has the powers to enforce the Data Protection Act called?
    • A. 

      Information Commissioner

    • B. 

      Data Controller

    • C. 

      Data Subject

    • D. 

      Data User