Pre-Summer Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = getmirror

Home
APICS
CPIM
CPIM-8.0
Certified in Planning and Inventory Management (CPIM 8.0) Questions and Answers

Pass the APICS CPIM CPIM-8.0 Questions and answers with ExamsMirror

Practice at least 50% of the questions to maximize your chances of passing.

Exam CPIM-8.0 Premium Access

View all detail and faqs for the CPIM-8.0 exam

Go to Exam

896 Students Passed

84% Average Score

97% Same Questions

Viewing page 9 out of 12 pages

Viewing questions 121-135 out of questions

Questions # 121:

Which security concept applies if an architecture diagram illustrates a particular user/role combination with access to an asset or applicaton?

Options:

Non-repudiation

Identification

Authorization

Authentication

Answer

Questions # 122:

A cybersecurity analyst is reviewing a recent incident in which the adversaries were able to move vertically within the network. Which attack phase MOST clearly represents this scenario?

Options:

System browsing

Escalating privileges

Gaining access

Installing additional tools

Answer

Questions # 123:

An organization has to conduct quarterly reviews of user authorization access to its primary financial application. Which position is responsible for performing these reviews?

Options:

Internal audit manager

Information Security Manager (ISM)

Data custodian

Data owner

Answer

Questions # 124:

Which of the following is an information security management framework?

Options:

Control Objectives For Information And Related Technologies (COBIT)

Information Technology Infrastructure Library (ITIL)

International Organization For Standardization (ISO) 27001

Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM)

Answer

Questions # 125:

A cybersecurity analyst is responsible for identifying potential security threats and vulnerabilities in the organization's software systems. Which action BEST demonstrates the understanding and application of threat modeling concepts and methodologies?

Options:

Implementing a Business Continuity Plan (BCP)

Conducting access control assessments for the data center

Analyzing potential attack vectors for a new software application

Developing a Disaster Recovery Plan (DRP) for critical systems

Answer

Questions # 126:

What is a malicious activity that overwhelms a Wireless Access Point (WAP)?

Options:

Identification spoofing

Signal jamming

Pin attack

War driving

Answer

Questions # 127:

A financial organization is using an internally developed application.The internal software development team has to adhere to the coding standards of the Software Development Cycle (SDLC).For applications whose functionality is exposed through the public Internet, this requirement consists of testing the application for potential vulnerabilities before it is deployed into production. What is the BEST type of vulnerability test to perform?

Options:

Online application assurance test

Web application unit test

Online application development test

Web application penetration test

Answer

Questions # 128:

A company assembles kits of hand tools after receipt of the order from distributors and uses two-level master scheduling. The appropriate levels of detail for the forecasts that are input to master scheduling would be total number of kits and:

Options:

each unique tool.

percentage of total for each tool.

raw material requirements.

specific kit configurations.

Answer

Explanation

A company that uses two-level master scheduling has a master production schedule (MPS) for the end items (kits) and a final assembly schedule (FAS) for the components (tools). The forecasts that are input to master scheduling should reflect the total number of kits and the specific kit configurations, as these determine the demand for the components. The other options are not relevant for master scheduling, as they do not reflect the end item demand or the bill of materials structure. References: EXAM CONTENT MANUAL PREVIEW, page 10, section 4.1.2. Manufacturing Planning and Control for Supply Chain Management: The CPIM Reference, Second Edition, page 163, section 6.2.

Questions # 129:

An organization is running a cloud-based application to process the information obtained at point-of-sale devices. Which guideline should be applied to the application?

Options:

Health Insurance Portability And Accountability Act (HIPAA)

Application Security Verification Standard (ASVS)

Payment Card Industry Data Security Standard (PCI DSS)

Gramm-Leach-Bliley Act (GLBA)

Answer

Questions # 130:

A security analyst has been asked to build a data retention policy for a hospital. What is the FIRST action that needs to be performed in building this policy?

Options:

Determine local requirements.

Determine federal requirements.

Ensure that all data has been classified.

Designate a person of authority.

Answer

Questions # 131:

Broadcast traffic is causing network performance degradation of sensitive equipment.

Which of the following methods is used to prevent the broadcast traffic from impacting availability?

Options:

Place the sensitive equipment behind a firewall to prevent the broadcast traffic from impacting the equipment.

Implement Quality of Service (QoS) on network switches to throttle the sensitive equipment traffic.

Move the sensitive equipment to a different switch port to prevent the broadcast traffic from impacting the equipment.

Use Network Access Control (NAC) to prevent the broadcast traffic from broadcasting.

Answer

Questions # 132:

Which of the following factors is the MOST important consideration for a security team when determining whether cryptographic erasure can be used for disposal of a device?

Options:

If the data on the device exceeds what cryptographic erasure can safely process

If the methods meet the International Organization for Standardization/International Electrotechnical Commission (ISO/IEC) 27001

If security policies allow for cryptographic erasure based on the data stored on the device

If the device was encrypted prior using cipher block chaining

Answer

Questions # 133:

An information security auditor is creating an audit program to assess endpoint security controls for portable storage media movement. Which type of control will MOST likely be part of the program?

Options:

Detective control

Device control

Recovery control

Network control

Answer

Questions # 134:

An infrastructure team is setting up a wireless network for employees at a new location of the organization that is located near a very busy city transport hub. Which should be the MOST important antenna consideration with regard to securing the wireless network for the infrastructure team?

Options:

Network's Service Set Identifier (SSID) visibility and vulnerabilities are not cast out too far.

Parabolic antenna is used for signal convergence.

Network efficiently allows maximum channel separation.

Implement Wired Equivalent Privacy (WEP) encryption.

Answer

Questions # 135:

An organization has hired a new auditor to review its critical systems infrastructure for vulnerabilities. Which of the following BEST describes the methodology the auditor will use to test whether servers are set up according to the organization's documented policies and standards?

Options:

Select an appropriate sample size of changes to production servers related to critical systems within the audit period and ensure they adhere to documented policies and standards.

Select an appropriate sample size of recently deployed servers and review their configuration files against the organization's policies and standards.

Select all production servers related to critical systems and review their configuration files against the organization's policies and standards.

Select an appropriate sample size of changes to recently deployed servers within the audit period and ensure they adhere to documented policies and standards.

Answer

Viewing page 9 out of 12 pages

Viewing questions 121-135 out of questions