IAPP CIPM Online Practice Questions and Exam Preparation

IAPP CIPM Online Questions & Answers

• Question 251:

  A bank recently informed a customer that their account has been overdrawn after their latest transaction. This transaction was not authorized by the customer. Upon further investigation, it was determined by the security team that a hacker was able to manipulate the customer's pre-authenticated session and force a wire transfer of funds to a foreign bank account. Which type of attack MOST likely occurred?

  A. Cross-Site Request Forgery (CSRF)
  B. On-path attack
  C. Cross-Site Scripting (XSS)
  D. Session hijacking
  A. Cross-Site Request Forgery (CSRF)

  ---

  Explanation

• Question 252:

  Which of the following benefits typically will be realized when switching from a functional to a cellular layout?

  A. Equipment utilization will be higher.
  B. Quality inspections will be reduced.
  C. Capital expenditures will be reduced.
  D. Products will have faster throughput.
  D. Products will have faster throughput.

  ---

  Explanation

  Switching from a functional layout to a cellular layout typically results in faster throughput because workstations are arranged to support a smooth flow of materials for specific product families. This reduces travel time, queue time, and handling, leading to quicker production cycles.

• Question 253:

  Which of the following MUST exist for an activity to be considered an audit?

  A. An auditor that is in no way employed, connected or associated to the organization being audited
  B. Stored Personally Identifiable Information (PII) that an organization has a legal obligation to protect
  C. A predefined standard and systematic approach to test the application of that standard
  D. A certified member of a professional body qualified in the area of inspection
  C. A predefined standard and systematic approach to test the application of that standard

  ---

  Explanation

• Question 254:

  An organization is opening a new data center and is looking for a facilities security officer to provide best practices for the site and facility design. The two major requirements for this organization are not to attract undue attention and avoid proximity to potentially hazardous sites.

  What site selection considerations do these requirements BEST fall under when deciding on the location for a facility?

  A. Visibility and natural disasters
  B. Visibility and locale
  C. Visibility and hazardous sites
  D. Visibility and transportation
  C. Visibility and hazardous sites

  ---

  Explanation

• Question 255:

  A manufacturing facility uses common wireless technologies to communicate. The head of security is concerned about eavesdropping by attackers outside the perimeter fence. The distance between the facility and fence is at least 300 feet (100 m). Which of the following wireless technologies is MOST likely to be available to an attacker outside the fence?

  A. ZigBee
  B. Radio-Frequency Identification (RFID)
  C. Long-Term Evolution (LTE)
  D. Bluetooth
  C. Long-Term Evolution (LTE)

  ---

  Explanation

• Question 256:

  An organization wants to control access at a high-traffic entrance using magnetic-stripe cards for identification. Which of the following is the BEST for the organization to utilize?

  A. A turnstile
  B. A security guard
  C. A mantrap
  D. A locking door
  A. A turnstile

  ---

  Explanation

• Question 257:

  An information security auditor is creating an audit program to assess endpoint security controls for portable storage media movement. Which type of control will MOST likely be part of the program?

  A. Detective control
  B. Device control
  C. Recovery control
  D. Network control
  B. Device control

  ---

  Explanation

• Question 258:

  When resolving conflicts, which canon within the ISC2 Code of Ethics requires members to consider duties to principals and Individuals?

  A. Maintain the privacy and confidentiality of information obtained.
  B. Advance and protect the profession.
  C. Act honorably, honestly, justly, responsibly, and legally.
  D. Maintain competency in their respective fields.
  C. Act honorably, honestly, justly, responsibly, and legally.

  ---

  Explanation

• Question 259:

  Given the information below, reducing which measure by 10% would contribute most to shortening the cash-to-cash cycle time?

  

  A. Accounts receivable
  B. Inventory value
  C. Accounts payable
  D. Cost of capital
  A. Accounts receivable

  ---

  Explanation

  To determine which measure contributes most to shortening the cash-to-cash cycle, we focus on:

  Cash-to-Cash Cycle Time=Days Inventory Outstanding+Days Sales Outstanding-Days Payables Outstanding

  This means:

  Reducing accounts receivable (Days Sales Outstanding) and inventory value (Days Inventory Outstanding) shortens the cycle.

  Reducing accounts payable (Days Payables Outstanding) would lengthen the cycle - the opposite of what we want.

  Now let's compare the absolute dollar impact of a 10% reduction:

  Accounts Receivable:

  Inventory Value:

  Accounts Payable:

  Cost of Capital:

  Not part of the cycle time calculation directly.

  Conclusion:

  A: Accounts receivable reduction has the largest positive impact on shortening the cash-to-cash cycle.

• Question 260:

  What is the total load requirement for this work center based on the following data?

  

  A. 1.326
  B. 1.525
  C. 1,533
  D. 2,880
  C. 1,533

  ---

  Explanation

  To find the total load requirement for the work center, calculate the total time required (setup time + run time) for each order, then sum all the times. Step 1: Calculate total time for each order

  Released Orders:

  A:

  Setup time = 4.00 min

  Total = 4.00 + 120.00 = 124.00 min

  B:

  Setup time = 2.00 min

  Total = 2.00 + 1,200.00 = 1,202.00 min Planned Orders:

  C:

  Setup time = 1.00 min

  Total = 1.00 + 105.00 = 106.00 min

  D:

  Setup time = 1.00 min

  Total = 1.00 + 100.00 = 101.00 min

  Step 2: Total Load Requirement 124.00+1,202.00+106.00+101.00=1,533.00 minutes