CDPSE Certified Data Privacy Solutions Engineer All-in-One Exam Guide
1st Edition
Published on 19. March 2021
448 pages
978-1-260-47483-1 (ISBN)
Available for download
Description
This study guide offers 100% coverage of every objective for the Certified Data Privacy Solutions Engineer Exam This resource offers complete, up-to-date coverage of all the material included on the current release of the Certified Data Privacy Solutions Engineer exam. Written by an IT security and privacy expert, CDPSE Certified Data Privacy Solutions Engineer All-in-One Exam Guide covers the exam domains and associated job practices developed by ISACA . You ll find learning objectives at the beginning of each chapter, exam tips, practice exam questions, and in-depth explanations. Designed to help you pass the CDPSE exam, this comprehensive guide also serves as an essential on-the-job reference for new and established privacy and security professionals.COVERS ALL EXAM TOPICS, INCLUDING:Privacy GovernanceGovernanceManagementRisk ManagementPrivacy ArchitectureInfrastructureApplications and SoftwareTechnical Privacy ControlsData CycleData PurposeData PersistenceOnline content includes:300 practice exam questionsTest engine that provides full-length practice exams and customizable quizzes by exam topic
More details
Other editions
Additional editions
Book
04/2021
McGraw-Hill Education
€59.50
Shipment within 10-20 days
Content
- Cover
- About the Author
- Title Page
- Copyright Page
- Dedication
- Contents at a Glance
- Contents
- Acknowledgments
- Introduction
- Part I Privacy Governance
- Chapter 1 Governance
- Introduction to Privacy Governance
- Privacy Governance Influencers
- Reasons for Privacy Governance
- Privacy and Security Governance Activities and Results
- Business Alignment
- Monitoring Privacy Responsibilities
- Privacy Governance Metrics
- Privacy Strategy Development
- Strategy Objectives
- Control Frameworks
- Risk Objectives
- Strategy Resources
- Privacy Program Strategy Development
- Strategy Constraints
- Chapter Review
- Quick Review
- Questions
- Answers
- Chapter 2 Management
- Privacy Roles and Responsibilities
- Board of Directors
- Executive Management
- Privacy and Security Steering Committees
- Business Process and Business System Owners
- Custodial Responsibilities
- Chief Privacy Officer
- Chief Information Security Officer
- Software Development
- Data Management
- Network Management
- Systems Management
- Operations
- Privacy Operations
- Security Operations
- Privacy Audit
- Security Audit
- Service Desk
- Quality Assurance
- Other Roles
- General Staff
- Building a Privacy Operation
- Identifying Privacy Requirements
- Developing Privacy Policies
- Developing and Running Data Protection Operations
- Developing and Running Data Monitoring Operations
- Working with Data Subjects
- Working with Authorities
- Privacy Training and Awareness
- Training Objectives
- Creating or Selecting Content
- Audiences
- New Hires
- Annual Training
- Communication Techniques
- Third-Party Risk Management
- Cloud Service Providers
- Privacy Regulation Requirements
- TPRM Life Cycle
- Auditing Privacy Operations
- Privacy Audit Scope
- Privacy Audit Objectives
- Types of Privacy Audits
- Privacy Audit Planning
- Privacy Audit Evidence
- Auditing Specific Privacy Practices
- Audit Standards
- Privacy Incident Management
- Phases of Incident Response
- Privacy Incident Response Plan Development
- Privacy Continuous Improvement
- Chapter Review
- Quick Review
- Questions
- Answers
- Chapter 3 Risk Management
- The Risk Management Life Cycle
- The Risk Management Process
- Risk Management Methodologies
- Asset Identification
- Asset Classification
- Asset Valuation
- Threat Identification
- Vulnerability Identification
- Risk Identification
- Risk, Likelihood, and Impact
- Risk Analysis Techniques and Considerations
- Privacy Impact Assessments
- PIA Procedure
- Engaging Data Subjects in a PIA
- The Necessity of a PIA
- Integrating into Existing Processes
- Recordkeeping and Reporting
- Risks Specific to Privacy
- Privacy Threats
- Privacy Countermeasures
- Chapter Review
- Quick Review
- Questions
- Answers
- Part II Privacy Architecture
- Chapter 4 Infrastructure
- Technology Stacks
- Hardware
- Operating Systems
- Database Management Systems
- Application Servers
- Cloud Services
- Infrastructure as a Service
- Platform as a Service
- Software as a Service
- Serverless Computing
- Mobile Backend as a Service
- Shadow IT and Citizen IT
- Endpoints
- Laptop and Desktop Computers
- Virtual Desktop Infrastructure
- Mobile Devices
- Bring-Your-Own ________
- Zero Trust Architecture
- Connected Devices and Operational Technology
- Remote Access
- Client VPN
- Clientless (SSL) VPN
- Split Tunneling
- System Hardening
- Hardening Principles
- Hardening Standards
- Security and Privacy by Design
- Chapter Review
- Quick Review
- Questions
- Answers
- Chapter 5 Applications and Software
- Privacy and Security by Design
- Systems Development Life Cycle
- SDLC Phases
- Software Development Risks
- Alternative Software Development Approaches and Techniques
- System Development Tools
- Acquiring Cloud-based Infrastructure and Applications
- Applications and Software Hardening
- Application Hardening Principles
- Testing Applications
- APIs and Services
- Online Tracking and Behavioral Profiling
- Tracking Techniques and Technologies
- Tracking in the Workplace
- Tracking Prevention
- Chapter Review
- Quick Review
- Questions
- Answers
- Chapter 6 Technical Privacy Controls
- Controls
- Control Objectives
- Privacy Control Objectives
- Control Frameworks
- Communication and Transport Protocols
- Network Media
- Network Protocols
- Network Architecture
- Encryption, Hashing, and De-identification
- Encryption
- Key Management
- De-identification
- Monitoring and Logging
- Event Monitoring
- Identity and Access Management
- Access Controls
- Chapter Review
- Quick Review
- Questions
- Answers
- Part III Data Cycle
- Chapter 7 Data Purpose
- Data Governance
- Policies and Standards
- Roles and Responsibilities
- Control Objectives and Controls
- Assessments
- Reporting
- Data Inventory
- Data Classification
- Data Classification Levels
- Data Handling Standards
- Data Loss Prevention Automation
- System and Site Classification
- Data Quality and Accuracy
- Data Flow and Usage Diagrams
- Data Use Limitation
- Data Use Governance
- External Privacy Policy
- Data Analytics
- Chapter Review
- Quick Review
- Questions
- Answers
- Chapter 8 Data Persistence
- Data Minimization
- Collecting Only Required Fields
- Collecting Only Required Records
- Discarding Data When No Longer Needed
- Minimizing Access
- Minimizing Storage
- Minimizing Availability
- Minimizing Retention
- Minimization Through De-identification
- Data Migration
- Data Storage
- Data Warehousing
- Data Retention and Archiving
- Industry Data Retention Laws
- Right to Be Forgotten
- Data Archival
- Data Destruction
- Chapter Review
- Quick Review
- Questions
- Answers
- Part IV Appendix and Glossary
- Appendix About the Online Content
- System Requirements
- Your Total Seminars Training Hub Account
- Privacy Notice
- Single User License Terms and Conditions
- TotalTester Online
- Technical Support
- Glossary
- Index
