New Year Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: xmas50

APICS CPIM-8.0 - Certified in Planning and Inventory Management (CPIM 8.0)

APICS CPIM-8.0 Premium Access     Download Demo    
Page: 8 / 12
Total 585 questions

What is the BEST item to consider when designing security for information systems?

A.

The comprehensive level of assurance required

B.

The jurisdiction of the information system

C.

The security requirements of the board

D.

The Disaster Recovery Plan (DRP)

An organization has been the subject of increasingly sophisticated phishing campaigns in recent months and has detected unauthorized access attempts against its Virtual Private Network (VPN) concentrators. Which of the following implementations would have the GREATEST impact on reducing the risk of credential compromise?

A.

Increasing the network password complexity requirements

B.

Implementing tougher encryption on the VPN

C.

Implementing Multi-Factor Authentication (MFA)

D.

Implementing advanced endpoint protection on user endpoints

Which of the physiological biometric scanning methods is considered the MOST invasive?

A.

Retina

B.

Facial recognition

C.

Iris

D.

Hand geometry

What are the FIRST two steps an organization should conduct to classify its assets?

A.

Define user requirements and collate existing inventories

B.

Categorize assets and set minimum security controls

C.

Conduct an inventory of assets and determine the owners

D.

Obtain senior management buy-in and conduct a risk assessment

A consultant has been engaged to support the team in analyzing why the development of a new software product has slipped schedule by a year. The consultant discovered an increase of the functionality requirements due to the failure of the asset tracking program. Which of the following BEST describes which system lifecycle element is impacted?

A.

Stakeholder identification

B.

Vision statement

C.

Operational efficiency

D.

Solution boundary

Which of the following methods places a replenishment order when the quantity on hand falls below a predetermined level?

A.

Min-max system

B.

Fixed order quantity

C.

Periodic review

D.

Available-to-promlse (ATP)

Which Open Systems Interconnection (OSI) layer is concerned with Denial-Of-Service (DoS) SYN flood attacks?

A.

Data

B.

Physical

C.

Network

D.

Transport

A security engineer developing software for a professional services organization has a requirement that users cannot have concurrent access to data of clients that are competitors. Which security model should the security engineer implement to meet this requirement?

A.

Brewer-Nash

B.

Bell-LaPadula

C.

Biba Integrity

D.

Clark Wilson

An organization has a call center that uses a Voice Over Internet Protocol (VoIP) system. The conversations are sensitive, and the organization is concerned about employees other than the call agents accessing these conversations. What is the MOST effective additional security measure to make?

A.

Ensure that the call agents are using an additional authentication method.

B.

Implement a Network Access Control (NAC) solution.

C.

Ensure that the voice media is using Secure Real-Time Transport Protocol.

D.

Segment the voice network and add Next-Generation Firewalls (NGFW).

Which of the following should be performed FIRST in the course of a digital forensics investigation?

A.

Undelete files and investigate their content.

B.

Search through unallocated space.

C.

Shut down the system.

D.

Identify any data that needs to be obtained.

A cloud-based web application requires the use of cryptographic keys to encrypt user-uploaded files at rest. Where is the safest place to store these cryptographic keys?

A.

Keys are stored in a password protected zip file.

B.

Keys are stored with source code in a revision control system.

C.

Keys are stored in a cloud-based file storage system.

D.

Keys are stored in a central, internal key management system.

What is a malicious activity that overwhelms a Wireless Access Point (WAP)?

A.

Identification spoofing

B.

Signal jamming

C.

Pin attack

D.

War driving

In an organization that develops aircrafts for military usage, where will the security team focus its efforts to ensure the organization’s data remains confidential?

A.

Technology to monitor the use and transfer of sensitive data

B.

User awareness training

C.

De-identification and sanitization of sensitive data

D.

Data breach insurance

An organization is implementing Zero Trust Network Access (ZTNA) and needs a strategy to measure device trust for employee laptops. Which measurement strategy is BEST suited and why?

A.

Remote using a Trusted Platform Module (TPM) due to better protection of the keys

B.

Local using Trusted Platform Module (TPM) because low-level access software can be accessed

C.

Local using Trusted Platform Module (TPM) because of benefits from Segregation Of Duties (SoD)

D.

Remote using a scanning device because of benefits from Segregation Of Duties (SoD)

E.

Local using Mobile Device Management (MDM) because of device policy enforcement

What is the MAIN reason security is considered as part of the system design phase instead of deferring to later phases?

A.

To prevent the users from performing unauthorized actions during the testing or operational phases

B.

To ensure complexity introduced by security design is addressed in the beginning stages

C.

To reduce the overall cost of incorporating security in a system

D.

To prevent the system from being tampered with in the future