CDPSE Certified Data Privacy Solutions Engineer All-in-One Exam Guide

Book description

This study guide offers 100% coverage of every objective for the Certified Data Privacy Solutions Engineer Exam.

This resource offers complete, up-to-date coverage of all the material included on the current release of the Certified Data Privacy Solutions Engineer exam. Written by an IT security and privacy expert, CDPSE Certified Data Privacy Solutions Engineer All-in-One Exam Guide covers the exam domains and associated job practices developed by ISACA®. You’ll find learning objectives at the beginning of each chapter, exam tips, practice exam questions, and in-depth explanations. Designed to help you pass the CDPSE exam, this comprehensive guide also serves as an essential on-the-job reference for new and established privacy and security professionals.

COVERS ALL EXAM TOPICS, INCLUDING:

  • Privacy Governance
    Governance
    Management
    Risk Management
  • Privacy Architecture
    Infrastructure
    Applications and Software
    Technical Privacy Controls
  • Data Cycle
    Data Purpose
    Data Persistence

Online content includes:

  • 300 practice exam questions
  • Test engine that provides full-length practice exams and customizable quizzes by exam topic


Table of contents

  1. Cover
  2. About the Author
  3. Title Page
  4. Copyright Page
  5. Dedication
  6. Contents at a Glance
  7. Contents
  8. Acknowledgments
  9. Introduction
  10. Part I Privacy Governance
    1. Chapter 1 Governance
      1. Introduction to Privacy Governance
        1. Privacy Governance Influencers
        2. Reasons for Privacy Governance
        3. Privacy and Security Governance Activities and Results
        4. Business Alignment
        5. Monitoring Privacy Responsibilities
        6. Privacy Governance Metrics
      2. Privacy Strategy Development
        1. Strategy Objectives
        2. Control Frameworks
        3. Risk Objectives
        4. Strategy Resources
        5. Privacy Program Strategy Development
        6. Strategy Constraints
      3. Chapter Review
        1. Quick Review
        2. Questions
        3. Answers
    2. Chapter 2 Management
      1. Privacy Roles and Responsibilities
        1. Board of Directors
        2. Executive Management
        3. Privacy and Security Steering Committees
        4. Business Process and Business System Owners
        5. Custodial Responsibilities
        6. Chief Privacy Officer
        7. Chief Information Security Officer
        8. Software Development
        9. Data Management
        10. Network Management
        11. Systems Management
        12. Operations
        13. Privacy Operations
        14. Security Operations
        15. Privacy Audit
        16. Security Audit
        17. Service Desk
        18. Quality Assurance
        19. Other Roles
        20. General Staff
      2. Building a Privacy Operation
        1. Identifying Privacy Requirements
        2. Developing Privacy Policies
        3. Developing and Running Data Protection Operations
        4. Developing and Running Data Monitoring Operations
        5. Working with Data Subjects
        6. Working with Authorities
      3. Privacy Training and Awareness
        1. Training Objectives
        2. Creating or Selecting Content
        3. Audiences
        4. New Hires
        5. Annual Training
        6. Communication Techniques
      4. Third-Party Risk Management
        1. Cloud Service Providers
        2. Privacy Regulation Requirements
        3. TPRM Life Cycle
      5. Auditing Privacy Operations
        1. Privacy Audit Scope
        2. Privacy Audit Objectives
        3. Types of Privacy Audits
        4. Privacy Audit Planning
        5. Privacy Audit Evidence
        6. Auditing Specific Privacy Practices
        7. Audit Standards
      6. Privacy Incident Management
        1. Phases of Incident Response
        2. Privacy Incident Response Plan Development
      7. Privacy Continuous Improvement
      8. Chapter Review
        1. Quick Review
        2. Questions
        3. Answers
    3. Chapter 3 Risk Management
      1. The Risk Management Life Cycle
        1. The Risk Management Process
        2. Risk Management Methodologies
        3. Asset Identification
        4. Asset Classification
        5. Asset Valuation
        6. Threat Identification
        7. Vulnerability Identification
        8. Risk Identification
        9. Risk, Likelihood, and Impact
        10. Risk Analysis Techniques and Considerations
      2. Privacy Impact Assessments
        1. PIA Procedure
        2. Engaging Data Subjects in a PIA
        3. The Necessity of a PIA
        4. Integrating into Existing Processes
        5. Recordkeeping and Reporting
        6. Risks Specific to Privacy
        7. Privacy Threats
        8. Privacy Countermeasures
      3. Chapter Review
        1. Quick Review
        2. Questions
        3. Answers
  11. Part II Privacy Architecture
    1. Chapter 4 Infrastructure
      1. Technology Stacks
        1. Hardware
        2. Operating Systems
        3. Database Management Systems
        4. Application Servers
      2. Cloud Services
        1. Infrastructure as a Service
        2. Platform as a Service
        3. Software as a Service
        4. Serverless Computing
        5. Mobile Backend as a Service
        6. Shadow IT and Citizen IT
      3. Endpoints
        1. Laptop and Desktop Computers
        2. Virtual Desktop Infrastructure
        3. Mobile Devices
        4. Bring-Your-Own ________
        5. Zero Trust Architecture
        6. Connected Devices and Operational Technology
      4. Remote Access
        1. Client VPN
        2. Clientless (SSL) VPN
        3. Split Tunneling
      5. System Hardening
        1. Hardening Principles
        2. Hardening Standards
      6. Security and Privacy by Design
      7. Chapter Review
        1. Quick Review
        2. Questions
        3. Answers
    2. Chapter 5 Applications and Software
      1. Privacy and Security by Design
      2. Systems Development Life Cycle
        1. SDLC Phases
        2. Software Development Risks
        3. Alternative Software Development Approaches and Techniques
        4. System Development Tools
        5. Acquiring Cloud-based Infrastructure and Applications
      3. Applications and Software Hardening
        1. Application Hardening Principles
        2. Testing Applications
      4. APIs and Services
      5. Online Tracking and Behavioral Profiling
        1. Tracking Techniques and Technologies
        2. Tracking in the Workplace
        3. Tracking Prevention
      6. Chapter Review
        1. Quick Review
        2. Questions
        3. Answers
    3. Chapter 6 Technical Privacy Controls
      1. Controls
        1. Control Objectives
        2. Privacy Control Objectives
        3. Control Frameworks
      2. Communication and Transport Protocols
        1. Network Media
        2. Network Protocols
        3. Network Architecture
      3. Encryption, Hashing, and De-identification
        1. Encryption
        2. Key Management
      4. De-identification
      5. Monitoring and Logging
        1. Event Monitoring
      6. Identity and Access Management
        1. Access Controls
      7. Chapter Review
        1. Quick Review
        2. Questions
        3. Answers
  12. Part III Data Cycle
    1. Chapter 7 Data Purpose
      1. Data Governance
        1. Policies and Standards
        2. Roles and Responsibilities
        3. Control Objectives and Controls
        4. Assessments
        5. Reporting
      2. Data Inventory
      3. Data Classification
        1. Data Classification Levels
        2. Data Handling Standards
        3. Data Loss Prevention Automation
        4. System and Site Classification
      4. Data Quality and Accuracy
      5. Data Flow and Usage Diagrams
      6. Data Use Limitation
        1. Data Use Governance
        2. External Privacy Policy
        3. Data Analytics
      7. Chapter Review
        1. Quick Review
        2. Questions
        3. Answers
    2. Chapter 8 Data Persistence
      1. Data Minimization
        1. Collecting Only Required Fields
        2. Collecting Only Required Records
        3. Discarding Data When No Longer Needed
        4. Minimizing Access
        5. Minimizing Storage
        6. Minimizing Availability
        7. Minimizing Retention
        8. Minimization Through De-identification
      2. Data Migration
      3. Data Storage
      4. Data Warehousing
      5. Data Retention and Archiving
        1. Industry Data Retention Laws
        2. Right to Be Forgotten
        3. Data Archival
      6. Data Destruction
      7. Chapter Review
        1. Quick Review
        2. Questions
        3. Answers
  13. Part IV Appendix and Glossary
    1. Appendix About the Online Content
      1. System Requirements
      2. Your Total Seminars Training Hub Account
        1. Privacy Notice
      3. Single User License Terms and Conditions
      4. TotalTester Online
      5. Technical Support
  14. Glossary
  15. Index

Product information

  • Title: CDPSE Certified Data Privacy Solutions Engineer All-in-One Exam Guide
  • Author(s): Peter H. Gregory
  • Release date: March 2021
  • Publisher(s): McGraw-Hill
  • ISBN: 9781260474831