IAPP CIPM Online Practice Questions and Exam Preparation

IAPP CIPM Online Questions & Answers

• Question 101:

  During the initiation phase of a project to acquire a customer relation management system, what is the FIRST step a project team will take for early integration of security?

  A. Develop a list of security requirements for the system.
  B. Conduct project planning and a feasibility assessment.
  C. Define system security classifications.
  D. Review relevant regulatory practices and standards.
  D. Review relevant regulatory practices and standards.

  ---

  Explanation

• Question 102:

  A company's primary performance objective Is flexibility. Which of the following measurements is most important?

  A. Labor productivity
  B. Schedule adherence
  C. Machine changeover time
  D. Cycle time
  C. Machine changeover time

  ---

  Explanation

  When a company's primary objective is flexibility, the ability to quickly switch between products or processes is critical. Machine changeover time directly measures how fast a company can adapt its operations to produce different items, making it the most relevant metric for evaluating operational flexibility.

• Question 103:

  Which of the following is a disadvantage of using federated identity?

  A. The administrative burden is increased
  B. The application has access to the user's credentials
  C. Applications may need complex modifications to implement
  D. A compromised credential provides access to all the user's applications
  D. A compromised credential provides access to all the user's applications

  ---

  Explanation

• Question 104:

  A company assembles kits of hand tools after receipt of the order from distributors and uses two-level master scheduling. The appropriate levels of detail for the forecasts that are input to master scheduling would be total number of kits and:

  A. each unique tool.
  B. percentage of total for each tool.
  C. raw material requirements.
  D. specific kit configurations.
  D. specific kit configurations.

  ---

  Explanation

  A company that uses two-level master scheduling has a master production schedule (MPS) for the end items (kits) and a final assembly schedule (FAS) for the components (tools). The forecasts that are input to master scheduling should reflect the total number of kits and the specific kit configurations, as these determine the demand for the components. The other options are not relevant for master scheduling, as they do not reflect the end item demand or the bill of materials structure.

• Question 105:

  Which is the basic system used for locating stock?

  A. Group functionally related items together
  B. Group fast-moving items
  C. Group physically similar items together
  D. All of the above
  D. All of the above

  ---

  Explanation

  The basic system used for locating stock aims to improve efficiency, accessibility, and space utilization. It often includes:

  A: Grouping functionally related items together: Helps streamline workflow and picking for related operations.

  B: Grouping fast-moving items: Places high-demand items in easy-to-access areas to reduce handling time.

  C: Grouping physically similar items together: Makes storage and retrieval more organized and logical. All these strategies are valid and commonly used-hence, D: All of the above is correct.

• Question 106:

  Which of the following situations is most likely to occur when using a push system?

  A. Work centers receive work even if capacity is not available.
  B. Work centers are scheduled using finite capacity planning.
  C. Work centers operate using decentralized control.
  D. Work centers signal previous work centers when they are ready for more work.
  A. Work centers receive work even if capacity is not available.

  ---

  Explanation

  In a push system, production is based on a pre-planned schedule, and materials or work are pushed to the next work center regardless of its readiness or capacity. This can lead to bottlenecks and excess inventory at workstations.

• Question 107:

  The Chief Information Security Officer (CISO) is meeting with the external network security evaluation team's blue team leader to confirm the internal system administrator's work schedules, hardware lists, and logistical support for their debriefing. Which of the following would be the MOST likely topic of discussion for the briefing?

  A. Remediation
  B. Administration
  C. Authorization
  D. Enumeration
  B. Administration

  ---

  Explanation

• Question 108:

  Which of the following is the BEST way to identify the various types of software installed on an endpoint?

  A. Active network scanning
  B. Passive network scanning
  C. Authenticated scanning
  D. Port scanning
  C. Authenticated scanning

  ---

  Explanation

• Question 109:

  An organization is designing a new Disaster Recovery (DR) site. What is the BEST option to harden security of the site?

  A. Physical access control
  B. Natural disaster insurance
  C. Natural surveillance
  D. Territorial reinforcement
  A. Physical access control

  ---

  Explanation

• Question 110:

  An organization currently has a network with 55,000 unique Internet Protocol (IP) addresses in their private Internet Protocol version 4 (IPv4) network range and has acquired another organization and must integrate their 25,000 endpoints with the existing, flat network topology. If subnetting is not implemented, which network class is implied for the organization's resulting private network segment?

  A. A
  B. B
  C. C
  D. E
  A. A

  ---

  Explanation