Identifying and Safeguarding PII || ACTUAL
QUESTIONS WITH CORRECT ANSWERS!!
which of the following is NOT an example of pii? correct answers pet's nickname
true or false? an individual whose pii has been stolen is susceptible to identity theft, fraud,
and other damage. correct answers true
what is the purpose of a privacy impact assessment (pia)? correct answers determine whether
the collection and maintenance of pii is worth the risk to individuals.
which of the following is not a permitted disclosure of pii contained in a system of records?
correct answers the record is disclosed for a new purpose that is not specified in the sorn.
what guidance identifies federal information security controls? correct answers omb
memorandum m-17-2: preparing for and responding to a breach of personally identifiable
information
individuals who maintain a system of records without publishing the required public notice in
the federal register may be subject to which of the following? correct answers both civil and
criminal penalties
which of the following is not included in a breach notification? correct answers articles and
other media reporting the breach
true or false? phishing is not often responsible for pii data breaches. correct answers false
you are reviewing personnel records containing pii when you notice a record with missing
information. you contact the individual to update the personnel record. is this compliant with
pii safeguarding procedures? correct answers yes
you are tasked with disposing of physical copies of last year's grant application forms. these
documents contain pii so you use a cross-cut shredder to render them unrecognizable and
beyond reconstruction. is this compliant with pii safeguarding procedures? correct answers
yes
your organization has a new requirement for annual security training. to track training
completion, they are using employee social security numbers as record identification. correct
answers non-compliant
your coworker was teleworking when the agency e-mail system shut down. she had an urgent
deadline so sent you an encrypted set of records containing pii from her personal e-mail
account. correct answers non-compliant
you are reviewing personnel records containing pii when you notice a record with missing
information. you contact the individual to update the personnel record. correct answers
compliant
QUESTIONS WITH CORRECT ANSWERS!!
which of the following is NOT an example of pii? correct answers pet's nickname
true or false? an individual whose pii has been stolen is susceptible to identity theft, fraud,
and other damage. correct answers true
what is the purpose of a privacy impact assessment (pia)? correct answers determine whether
the collection and maintenance of pii is worth the risk to individuals.
which of the following is not a permitted disclosure of pii contained in a system of records?
correct answers the record is disclosed for a new purpose that is not specified in the sorn.
what guidance identifies federal information security controls? correct answers omb
memorandum m-17-2: preparing for and responding to a breach of personally identifiable
information
individuals who maintain a system of records without publishing the required public notice in
the federal register may be subject to which of the following? correct answers both civil and
criminal penalties
which of the following is not included in a breach notification? correct answers articles and
other media reporting the breach
true or false? phishing is not often responsible for pii data breaches. correct answers false
you are reviewing personnel records containing pii when you notice a record with missing
information. you contact the individual to update the personnel record. is this compliant with
pii safeguarding procedures? correct answers yes
you are tasked with disposing of physical copies of last year's grant application forms. these
documents contain pii so you use a cross-cut shredder to render them unrecognizable and
beyond reconstruction. is this compliant with pii safeguarding procedures? correct answers
yes
your organization has a new requirement for annual security training. to track training
completion, they are using employee social security numbers as record identification. correct
answers non-compliant
your coworker was teleworking when the agency e-mail system shut down. she had an urgent
deadline so sent you an encrypted set of records containing pii from her personal e-mail
account. correct answers non-compliant
you are reviewing personnel records containing pii when you notice a record with missing
information. you contact the individual to update the personnel record. correct answers
compliant
