IAPP CIPM Online Practice Questions and Exam Preparation

IAPP CIPM Online Questions & Answers

• Question 211:

  What is the BEST protection method to ensure that an unauthorized entry attempt would fail when securing highly sensitive areas?

  A. Employee badge with a picture and video surveillance
  B. Keyed locks and Closed-Circuit Television (CCTV) at entrances
  C. Combination lock and a gate that prevents piggybacking
  D. Proximity badge requiring a Personal Identification Number (PIN) entry at entrances
  C. Combination lock and a gate that prevents piggybacking

  ---

  Explanation

• Question 212:

  A software development vendor wants to test the Application Programming Interface (API). The testers use and manipulate data to identify the various states of the application behavior. What is the kind of testing that is being used?

  A. Quality Assurance (QA) testing
  B. Integration technique
  C. User Acceptance Testing
  D. Fuzzing technique
  D. Fuzzing technique

  ---

  Explanation

• Question 213:

  Maintaining software asset security is MOST dependent on what information?

  A. Software licensing
  B. Asset ownership
  C. Inventory of software
  D. Classification level
  C. Inventory of software

  ---

  Explanation

• Question 214:

  An organization wishes to utilize a managed Domain Name System (DNS) provider to reduce the risk of users accessing known malicious sites when web browsing. The organization operates DNS forwarders that forward queries for all external domains to the DNS provider. Which of the following techniques could enable the organization to identify client systems that have attempted to access known malicious domains?

  A. DNS over Transmission Control Protocol (TCP)
  B. DNS sinkholing
  C. Deep packet inspection
  D. Domain Name System Security Extensions (DNSSEC)
  B. DNS sinkholing

  ---

  Explanation

• Question 215:

  The process of placing the exploded requirements in their proper periods based on lead time is called

  A. Offsetting
  B. Exploding the equipments
  C. Production plan
  D. Where-used reports
  A. Offsetting

  ---

  Explanation

  In Material Requirements Planning (MRP), after the requirements are exploded from the Bill of Materials (BOM), they must be scheduled in the correct time periods based on lead time. This process is called offsetting.

  It ensures that components are ordered or produced in time to meet the need date of their parent items.

  Other options:

  B: Exploding the equipments: Not a valid term; the correct term is "exploding the BOM".

  C: Production plan: Refers to high-level planning, not scheduling based on lead time.

  D: Where-used reports: Show where a component is used, not scheduling logic. Final Answer: A: Offsetting.

• Question 216:

  An organization received a notification from a Commercial Off-The-Shelf (COTS) provider that one of its products will no longer be supporteD: Using obsolescence progression stages, which of the following risk trigger points was activated in this case?

  A. End of Life (EOL)
  B. End of Maintenance
  C. End of Service Life (EOSL)
  D. End of Repair
  C. End of Service Life (EOSL)

  ---

  Explanation

• Question 217:

  Which of the following techniques is BEST suited to preserve the confidentiality of a system's data?

  A. Audit log review
  B. Database encryption
  C. Immutable backups
  D. Database record locking
  B. Database encryption

  ---

  Explanation

• Question 218:

  Which of the following is a core subset of The Open Group Architecture Framework (TOGAF) enterprise architecture model?

  A. Security architecture
  B. Availability architecture
  C. Privacy architecture
  D. Data architecture
  D. Data architecture

  ---

  Explanation

• Question 219:

  The Chief Information Security Officer (CISO) for an international organization with offices operating globally has been tasked with developing a new data encryption policy that can be applied to all areas of the business. What is the MOST important factor that must be considered?

  A. Organization's security policy and standards
  B. How data will be stored and accessed
  C. Regulatory and compliance requirements
  D. Where data will be stored and accessed
  C. Regulatory and compliance requirements

  ---

  Explanation

• Question 220:

  Which of the following stock location systems would you use in a repetitive manufacturing, lean environment?

  A. Fixed location
  B. Floating location
  C. Point-of-use storage
  D. Central storage
  C. Point-of-use storage

  ---

  Explanation

  In a repetitive manufacturing, lean environment, point-of-use storage is ideal because it places materials exactly where they are needed on the production floor. This reduces material handling, waste, and movement, all of which align with lean principles.