
APICS CPIM-8.0 - Certified in Planning and Inventory Management (CPIM 8.0)

Total 585 questions

An employee returns a borrowed laptop used for lab testing. What is the BEST action the technician should perform upon receiving the laptop to ensure no sensitive information will be exposed?

A. Delete all the files.

B. Purge the hard drive.

C. Encrypt the hard drive.

D. Degauss the hard drive.

When resolving conflicts, which canon within the ISC2 Code of Ethics requires members to consider duties to principals and individuals?

A. Maintain the privacy and confidentiality of information obtained.

B. Advance and protect the profession.

C. Act honorably, honestly, justly, responsibly, and legally.

D. Maintain competency in their respective fields.

An attacker was able to identify an organization’s wireless network, collect proprietary network resource information, and capture several user credentials. The attacker then used that information to conduct a more sophisticated and impactful attack against the organization. Which method did the attacker MOST likely use to gather the initial information?

A. Proxy manipulation and Man-in-the-Middle (MITM) attack

B. Media Access Control (MAC) spoofing and proxy manipulation

C. Rogue access point and Man-in-the-Middle (MITM) attack

D. Media Access Control (MAC) spoofing and rogue access point

An organization is migrating some of its applications to the cloud. The Chief Information Security Officer (CISO) is concerned about the accuracy of the reports showing which application should be migrated and how many applications reside on each server. As a result, the CISO is looking to establish asset management requirements. Which of these elements should be considered part of asset management requirements?

A. Threat modelling and discovery

B. Configuration Management (CM) database

C. Risk management framework

D. Integration testing program

The Business Continuity Plan (BCP) has multiple components. The information security plan portion must prioritize its efforts. Which 3 aspects of information security MUST be prioritized?

A. Confidentiality, integrity, availability

B. Physical security, access control, asset protection

C. Intent, capability, opportunity

D. Threat level, network security, information disposal

An organization is opening a new data center and is looking for a facilities security officer to provide best practices for the site and facility design. The two major requirements for this organization are to not attract undue attention and to avoid proximity to potentially hazardous sites.

What site selection considerations do these requirements BEST fall under when deciding on the location for a facility?

A. Visibility and natural disasters

B. Visibility and locale

C. Visibility and hazardous sites

D. Visibility and transportation

What is the HIGHEST security concern on trans-border data?

A. Organizations that are not in highly regulated industries do not have the resources to achieve compliance.

B. Cyber transactions occur in an ever-changing legal and regulatory landscape without fixed borders.

C. Information security practitioners are not Subject Matter Experts (SME) for all legal and compliance requirements.

D. Organizations must follow all laws and regulations related to the use of the Internet.

A security consultant is working with an organization to help evaluate a proposal received from a new managed security service provider. There are questions about the confidentiality and effectiveness of the provider's system over a period of time. Which of the following System And Organization Controls (SOC) report types should the consultant request from the provider?

A. SOC 2 Type 1

B. SOC 2 Type 2

C. SOC 1 Type 1

D. SOC 1 Type 2

What is the MOST beneficial principle of threat modeling?

A. To focus on specific adversaries, assets, or techniques

B. To improve the security and privacy of a system through early and frequent analysis

C. To create meaningful outcomes when they are of value to external agencies

D. To create a single threat model representation as multiple models may be inconsistent

A multinational organization acquires a subsidiary. The acquisition results in the need to integrate a large population of new users into the organization's corporate cloud. What is the MAIN benefit of the organization's Federated Identity Management (FIM) system to address the need?

A. Efficient access provisioning

B. Increased robustness of authentication

C. Greater flexibility of access control

D. Reduced complexity of maintenance and changes

A hot Disaster Recovery (DR) data center is the victim of a data breach. The hackers are able to access and copy 10GB of clear text confidential information. Which of the following could have decreased the amount of exposure from this data breach?

A. Encryption in transit

B. Layer 7 filtering

C. Encryption at rest

D. Password hashing

A software development vendor wants to test the Application Programming Interface (API). The testers use and manipulate data to identify the various states of the application behavior. What is the kind of testing that is being used?

A. Quality Assurance (QA) testing

B. Integration technique

C. User Acceptance Testing

D. Fuzzing technique

Which of the following tactics can be employed effectively to reduce appraisal quality costs?

A. Investing in prevention

B. Conducting quality audits

C. Loosening product specifications

D. Implementing house of quality (HOQ)

During a security incident investigation, a security analyst discovered that an unauthorized module was compiled into an application package as part of the application assembly phase. This incident occurred immediately before the package was digitally signed and deployed using a deployment pipeline.

Which of the following security controls would BEST prevent this type of incident in the future?

A. Invoke code repository vulnerability scanning on a regularly scheduled basis.

B. Implement Role-Based Access Controls (RBAC) in each component of the deployment pipeline.

C. Encrypt the application package after being digitally signed.

D. Implement a software Bill of Materials (BOM) for each application package.

When designing a production cell, which of the following items would be the most important consideration?

A. The unit per hour requirement for the production cell to meet the sales forecast

B. The flow of materials into the cell and sequencing of operations to minimize total cycle time

C. The output rate for the first operation and move time after the last workstation

D. The takt time requirement for each operator to meet the monthly production goals of the plant