New Year Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

APICS CPIM-8.0 - Certified in Planning and Inventory Management (CPIM 8.0)

APICS CPIM-8.0 Premium Access     Download Demo    
Page: 10 / 12
Total 585 questions

Which of the following is the MOST significant flaw when using Federated Identity Management (FIM)?

A.

The initial cost of the setup is prohibitively high for small business.

B.

The token stored by the Identity Provider (IdP) may need to be renewed.

C.

The token generated by the Identity Provider (IdP) may be corrupted.

D.

The participating members in a federation may not adhere to the same rules of governance.

Organization A provides scalable Information Technology (IT) infrastructure while Organization B provides security services to customers via Software as a Service (SaaS) model. Which document is used to express a set of intended actions between the organizations with respect to meeting the customers’ needs?

A.

Business partnership agreement

B.

Interconnection Security Agreement (ISA)

C.

Framework partnership agreement

D.

Memorandum of Understanding (MOU)

An organization’s security assessment recommended expanding its secure software development framework to include testing Commercial Off-The-Shelf (COTS) products before deploying those products in production. What is the MOST likely reason for this recommendation?

A.

To identify any residual vulnerabilities prior to release in the production environment

B.

To identify and remediate any residual vulnerabilities prior to the end of the user acceptance testing

C.

To identify any residual vulnerabilities prior to the end of the trial run of the software

D.

To identify and remediate any residual vulnerabilities prior to release in the production environment

A customer of a financial Institution denies that a transaction occurred. Which of the following is used to provide evidence evidence that the customer performed the transaction?

A.

Authorization controls

B.

Two-Factor Authentication (2FA)

C.

Non-repudiation controls

D.

Access audit

Which of the following categories of web services testing describes correctness testing of web service security functionality?

A.

Focuses on ensuring that security operations performed by a web service meets its stated requirements

B.

Generally includes threat modeling, requirements risk analysis, and security modeling

C.

Ensures that individual protocol implementations adhere to the relevant published standards

D.

Focuses on the smallest unit of the web service application, apart from the rest of the application

A security analyst has been asked to build a data retention policy for a hospital. What is the FIRST action that needs to be performed in building this policy?

A.

Determine local requirements.

B.

Determine federal requirements.

C.

Ensure that all data has been classified.

D.

Designate a person of authority.

What function prevents unauthorized devices from gaining access to a network?

A.

Network Access Control (NAC)

B.

Storage Area Network (SAN)

C.

Network Address Translation (NAT)

D.

Software-Defined Network (SDN)

The project manager for a new application development is building a test framework. It has been agreed that the framework will Include penetration testing; however, the project manager is keen to identify any flaws prior to the code being ready for execution. Which of the following techniques BEST supports this requirement?

A.

System vulnerability scans

B.

Database injection tests

C.

System reliability tests

D.

Static source code analysis

Which of the below represents the GREATEST cloud-specific policy and organizational risk?

A.

Supply chain failure

B.

Loss of business reputation due to co-tenant activities

C.

Loss of governance between the client and cloud provider

D.

Cloud service termination or failure

A life cycle assessment (LCA) would be used to determine:

A.

the length of a long-term agreement.

B.

how an Item should be scheduled.

C.

environmental aspects and impacts.

D.

If risk pooling would reduce inventory investment.

What is the MAIN purpose of risk and impact analysis?

A.

Calculate the cost of implementing effective countermeasures.

B.

Calculate the effort of implementing effective countermeasures.

C.

Identify countermeasures.

D.

Eliminate the risk of most threats.

An organization is migrating its access controls to a certificate-based authentication system.

What will need to be established to verify the identity of all users connecting to the network before rolling out the system?

A.

A biometric system needs to scan unique attributes of all users.

B.

A Certificate Authority (CA) needs to issue new passwords to all users.

C.

A Certificate Authority (CA) needs to issue the certificates to all users.

D.

A challenge response system needs to validate all user access.

Which of the following should recommendations from a Plan Of Action And Milestones (POA&M) be based on?

A.

Continuous monitoring

B.

Change Control Board (CCB) coordination

C.

Risk acceptance

D.

Root cause analysis

A champion is assigned to lead a threat modeling exercise. Which of the following will be the FIRST thing to consider?

A.

Using an automated tool to construct system models

B.

Outlining a detailed threat modeling procedure

C.

Scheduling weekly threat modeling sessions

D.

Ensuring the right stakeholder are involved

Which of the following statements best characterizes enterprise resources planning (ERP) systems?

A.

They track activity from customer order through payment.

B.

They are expensive but easy to implement.

C.

They provide real-time planning and scheduling, decision support, available-to-promise (ATP), and capable-to-promise (CTP) capabilities.

D.

They are used for strategic reporting requirements.