CPIM-8.0 Practice Questions

A.  

Unavailability of access logs

B.  

Integrity of authentication mechanism

C.  

Compromise of service

D.  

Deletion of federated tokens

A.  

Implement Two-Factor Authentication (2FA).

B.  

Segment data repositories by business rules.

C.  

Develop recovery and restoration procedures.

D.  

Address security in third-party agreements.

A.  

One of the requests does not have a valid token issuer's identifier.

B.  

The requests have the same 'auth_time' parameter.

C.  

The requests have the same 'nonce' parameter.

D.  

One of the requests does not have a valid audience token.

A.  

Fixed location

B.  

Floating location

C.  

Point-of-use storage

D.  

Central storage

A.  

Select, install, and implement EDI software.

B.  

Use current third-party logistics provider (3PL) to handle the EDI transactions.

C.  

Claim hardship and ask the automotive manufacturer for a waiver.

D.  

Negotiate using email as an alternative with the customer.

A.  

To provide additional layers of firewalls to the environment

B.  

To create additional logical barriers to entry

C.  

To allow access to new cryptographic keys

D.  

To manage cryptographic keys in a tamper-proof model

A.  

Response tampering

B.  

Machine enumeration

C.  

User agent manipulation

D.  

Social engineering

A.  

It uses statistical tools.

B.  

It is part of the business strategy.

C.  

It influences the product design process.

D.  

It minimizes unscheduled breakdowns.

A.  

Invoke code repository vulnerability scanning on a regularly scheduled basis.

B.  

Implement Role-Based Access Controls (RBAC) in each component of the deployment pipeline.

C.  

Encrypt the application package after being digitally signed.

D.  

Implement a software Bill of Materials (BOM) for each application package.

A.  

Custodian

B.  

Data owner

C.  

Data controller

D.  

System owner

A.  

Physical database integrity, logical database integrity, and ownership integrity

B.  

Availability, auditability, and screening

C.  

Physical database integrity, logical database integrity, and element integrity

D.  

User authentication, availability, and accountability

A.  

Removal is authorized directly by executive management.

B.  

Removal is authorized using a formal sign-out process.

C.  

Removal is authorized when remote use is required for business.

D.  

Removal is authorized if the asset has been disposed of.

A.  

These are two names for the same plan.

B.  

The strategic plan constrains the business plan.

C.  

The two plans are developed independently.

D.  

The two plans are the output of a single process.

A.  

Ituses the same basic competitive style worldwide and focuses efforts on building global brands.

B.  

Itcustomizes the basic competitive style to fit markets but focuses efforts on building global brands.

C.  

Itcoordinates major strategic decisions worldwide but gives country managers wide strategy-making latitude.

D.  

Itoperates plants in many host countries and uses decentralized distribution.

A.  

Apply patches to endpoints across the enterprise.

B.  

Use software configuration management for endpoints.

C.  

Monitor endpoints by collecting software inventory and configuration settings.

D.  

Enforce Two-Factor Authentication (2FA) on endpoints across the enterprise.