IDENTIFYING SAFEGUARDING PII
CERTIFICATION EVALUATION 2026 TESTED
MATERIAL A+
◉ True or false? A System of Records Notice (SORN) is not required
if an organization determines that PII will be stored using a system
of records. True or False. Answer: False
◉ What guidance identifies federal information security controls?
1. The Freedom of Information Act (FOIA)
2. DoD 5400.11-R: DoD Privacy Program
3. OMB Memorandum M-17-12: Preparing for and Responding to a
Breach of Personally Identifiable Information
4. The Privacy Act of 1974. Answer: OMB Memorandum M-17-12:
Preparing for and Responding to a Breach of Personally Identifiable
Information
◉ If someone tampers with or steals an individual's, PII, they could
be exposed to which of the following?
1. Identity theft
2. Fraud
3. Embarrassment
4. All of the above. Answer: All of the above
, ◉ What is PII?
1. A type of social engineering that uses email messages
2. Information that if revealed could have a damaging effect on
National Security
3. A subset of information about individuals that is limited to patient
4. Information that can be used to distinguish or trace an
individual's identity, either alone, or when combined with other
personal or identifying information. Answer: Information that can
be used to distinguish or trace an individual's identity, either alone,
or when combined with other personal or identifying information
◉ Which of the following are examples of PI
1. Social
2. Drivers license
3. Fingerprint
4. First pets name. Answer: Social, Drivers License, Fingerprint
◉ This regulation governs the DoD privacy program.. Answer: DoD
5400.11-R: DoD Privacy Program
◉ This law establishes the public's right to access federal
government information.. Answer: Freedom of Information Act
(FOIA)
CERTIFICATION EVALUATION 2026 TESTED
MATERIAL A+
◉ True or false? A System of Records Notice (SORN) is not required
if an organization determines that PII will be stored using a system
of records. True or False. Answer: False
◉ What guidance identifies federal information security controls?
1. The Freedom of Information Act (FOIA)
2. DoD 5400.11-R: DoD Privacy Program
3. OMB Memorandum M-17-12: Preparing for and Responding to a
Breach of Personally Identifiable Information
4. The Privacy Act of 1974. Answer: OMB Memorandum M-17-12:
Preparing for and Responding to a Breach of Personally Identifiable
Information
◉ If someone tampers with or steals an individual's, PII, they could
be exposed to which of the following?
1. Identity theft
2. Fraud
3. Embarrassment
4. All of the above. Answer: All of the above
, ◉ What is PII?
1. A type of social engineering that uses email messages
2. Information that if revealed could have a damaging effect on
National Security
3. A subset of information about individuals that is limited to patient
4. Information that can be used to distinguish or trace an
individual's identity, either alone, or when combined with other
personal or identifying information. Answer: Information that can
be used to distinguish or trace an individual's identity, either alone,
or when combined with other personal or identifying information
◉ Which of the following are examples of PI
1. Social
2. Drivers license
3. Fingerprint
4. First pets name. Answer: Social, Drivers License, Fingerprint
◉ This regulation governs the DoD privacy program.. Answer: DoD
5400.11-R: DoD Privacy Program
◉ This law establishes the public's right to access federal
government information.. Answer: Freedom of Information Act
(FOIA)
