Weekend Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = simple70

Home
CIPS
CIPS Level 6 Professional Diploma in Procurement and Supply
L6M7
Commercial Data Management Questions and Answers

Pass the CIPS Level 6 Professional Diploma in Procurement and Supply L6M7 Questions and answers with ExamsMirror

Practice at least 50% of the questions to maximize your chances of passing.

Exam L6M7 Premium Access

View all detail and faqs for the L6M7 exam

Go to Exam

507 Students Passed

92% Average Score

98% Same Questions

Viewing page 1 out of 3 pages

Viewing questions 1-10 out of questions

Questions # 1:

What is the purpose of a 'Logic Gate'?

Options:

To assist in the analysis of large data sets

To take input from two transistors and convert it to one output

To display data in different formats, e.g., videos

To increase the operating speed of a computer

Answer

Explanation

Logic Gates take inputs and convert them to outputs. They perform mathematical calculations, count, compare numbers, and remember data. (P.4)

=================

Questions # 2:

Which of the following is a human risk in cybersecurity? Select ALL that apply.

Options:

Malware

Weak passwords

System overheating

Opening unsecure attachments

Obsolescent technology

Answer

B, D

Explanation

Human errors, such as using weak passwords and opening insecure attachments, are major risks in cybersecurity. Educating users on best security practices can help mitigate these threats. The other options relate to technical or system risks rather than human behavior. (P.173)

=================

Questions # 3:

Which of the following is an example of a data-enhanced product?

Options:

A third-party cloud storage system

A fridge that can recommend recipes based on the contents inside it

An airline that changes the price of flights depending on demand

An air-conditioning unit in a hot warehouse

Answer

Explanation

A data-enhanced product is a physical product that incorporates data-driven functionality to provide additional features. A smart fridge that suggests recipes based on its contents is an example, as it uses data to enhance user experience.

Questions # 4:

Henry is the Head of IT at Purple Rain Ltd and is presenting a case to the Senior Leadership Team to ask for more investment in the company's IT strategy. Henry believes the company has an issue with data resilience and is asking for more money to be invested in this. He has completed a Business Impact Assessment (BIA) to better understand what data the company holds. Jon is the Head of Procurement and has listened intently to Henry's presentation. He has decided to go back to his department and complete a thorough risk assessment, as he is aware his team holds a lot of data on suppliers and contracts. The CEO of Purple Rain, Roger Nelson, has asked Henry about next steps in order to protect the company from further risks associated with the IT strategy. Data is currently stored on servers located at Purple Rain's Headquarters. The server room is locked at all times of the day and is only accessible to staff members who have a key. The building itself is extremely secure with CCTV systems located both inside the server room and outside it. However, the server room is prone to overheating.

What is Henry's primary concern?

Options:

The accuracy of the data is questionable

There is a lack of data to inform business requirements

The company may not be able to recover quickly from disruption

The data has gone missing

Answer

Explanation

Data resilience refers to a company’s ability to recover quickly from disruption, such as power outages or physical damage (e.g., flooding of IT equipment). Henry’s concern is that the current setup lacks resilience in case of an incident. (P.102)

=================

Questions # 5:

Which of the following is an International Standard in Security Management Systems?

Options:

ISO 14001

ISO 9001

ISO 28000

ISO 20400

Answer

Explanation

ISO 28000 is an international standard that focuses on supply chain security management, based on the Deming Cycle (Plan, Do, Check, Act). Familiarity with ISO 27001 and ISO 27002 is also recommended. (P.130)

=================

Questions # 6:

Francis bought a car 4 years ago and is unsure if the company has any data on her. What can Francis do?

Options:

Make a Subject Access Request

Make a Freedom of Information Request

Nothing - the car company will not have data on her as this was 4 years ago

Nothing - the car company does not need to reveal what information it holds about customers

Answer

Explanation

Francis can make a Subject Access Request. This is when you ask what data do you hold about me. The company must respond within 40 calendar days. A Freedom of Information request is different- this is when a member of the public asks the government to reveal information such as 'how much money have you spent on replacing toilet seats in Parliament?'. P.127

Domain: 2.3

Questions # 7:

At Consultancy X, employees create a range of documents daily, from presentation slides to spreadsheets. Consultancy X was concerned that important data could easily be lost, so it implemented a system where data entered during the day is saved overnight on a backup server. This way, if any individual computer or device should fail, the employee can still access their data. What is the risk approach taken by Consultancy X?

Options:

Eliminate

Reduce

Transfer

Answer

Explanation

The company reduced the risk of data loss by using a backup system, though it did not eliminate the risk entirely. Transferring risk would involve making another party responsible, and accepting risk would mean doing nothing. (P.109)

=================

Questions # 8:

Zach is the Head of Procurement at a super secret military base. He does not want anyone outside of the base to know what he is procuring or which suppliers he uses as this information could be critical to national defence. He is aware that cyber criminals may be interested in stealing this information so he has decided to disconnect critical machines and systems from the internet. What is this approach to data security known as?

Options:

Unsyncing

Non-repudiation

Filtering

Air-gapping

Answer

Explanation

This is air-gapping. Air-gapping is when you disconnect from an outside network such as the internet. P.171

Domain: 3.1

Questions # 9:

Unstructured data can be organized into semi-structured or structured data by using a short word or phrase to describe what is held in the digital file. What is this marker commonly known as?

Options:

Structured Query Language

Tag

Syncing

Bot

Answer

Explanation

A tag is a marker describing data, commonly used in social media and databases.

Questions # 10:

In order to keep data secure, which three things should be considered?

Options:

Access, accuracy, confidentiality

Location, availability, access

Integrity, location, format

Confidentiality, availability, integrity

Answer

Explanation

This is the CIA triangle which is from p.143. The three aspects are the three corners of the triangle. Remember this one for the exam as I've heard it comes up frequently. Just remember data security = CIA = confidentiality, integrity and availability.

Domain: 3.1

Viewing page 1 out of 3 pages

Viewing questions 1-10 out of questions