Certified Ethical Hacker (CEH) Practice Exam 2025 – Your All-in-One Guide to Exam Success!

The Privacy Act of 1974 is designed to protect the privacy of individuals by governing how federal agencies collect, maintain, use, and disseminate personal information. The correct statement indicates that the act prohibits government agencies from disclosing personal information without the consent of the individual concerned. This means that if a government agency wants to share personal data, it generally must obtain the explicit consent of the individual before doing so.

In contrast, other options do not accurately reflect the purpose or provisions of the Privacy Act. Unrestricted access to personal information by government agencies is contrary to the principles of the act, as one of its main objectives is to restrict such access. The act does not extend its regulations to private sector data collection; that is covered under different laws like the Fair Credit Reporting Act or sector-specific regulations. Furthermore, while the Privacy Act emphasizes the protection of personal information, it does not mandate data encryption as a requirement for handling such information. The act's primary focus is on consent and the rights of individuals regarding their personal data.