IAPP CIPM Online Practice Questions and Exam Preparation

IAPP CIPM Online Questions & Answers

• Question 291:

  At the MRP planning level, the process of priority plans must be checked against available capacity is called

  A. Master Production schedule (MPS)
  B. Capacity Requirements planning (CRP)
  C. Production activity control (PAC)
  D. Manufacturing Planning and control function (MPC)
  B. Capacity Requirements planning (CRP)

  ---

  Explanation

  Capacity Requirements Planning (CRP) is the process at the MRP planning level that:

  Checks priority plans (generated by MRP) Against the available capacity of work centers or machines Ensures that the required work can be completed within the available time and resources

  Option Review:

  A: Master Production Schedule (MPS): Sets what to produce and when, but doesn't check capacity.

  C: Production Activity Control (PAC): Executes and controls shop floor activities-not capacity planning.

  D: Manufacturing Planning and Control (MPC): An overall system; CRP is a specific function within MPC. Final Answer: B: Capacity Requirements Planning (CRP).

• Question 292:

  An organization co-locates three divisions and merges them into one network infrastructure. Prior to the merge, the network manager issued devices to employees for remote login. What security concept should be observed to provide security when a device joins the network or when a client makes an Application Programming Interface (API) call?

  A. Access Control List (ACL)
  B. Non-repudiation
  C. Multi-Factor Authentication (MFA)
  D. Zero Trust (ZT)
  D. Zero Trust (ZT)

  ---

  Explanation

• Question 293:

  What function prevents unauthorized devices from gaining access to a network?

  A. Network Access Control (NAC)
  B. Storage Area Network (SAN)
  C. Network Address Translation (NAT)
  D. Software-Defined Network (SDN)
  A. Network Access Control (NAC)

  ---

  Explanation

• Question 294:

  An example of a cradle-to-cradle sustainability model would be:

  A. a laundry service collects dirty baby clothes from families; cleans the clothes in large, efficient batches; and then sorts and delivers the clothes back to each family.
  B. a coffee shop collects paper waste in its restaurants, has a selected supplier collect the paper waste to be recycled, and then purchases paper products from that supplier.
  C. a company uses wood that has been gathered from multiple sources to construct items, such as beds and toys for babies and young children.
  D. a bank offers the lowest interest rates on loans to firms that are committed to using recycled materials and implementing zero-waste initiatives in their processes.
  B. a coffee shop collects paper waste in its restaurants, has a selected supplier collect the paper waste to be recycled, and then purchases paper products from that supplier.

  ---

  Explanation

  A cradle-to-cradle sustainability model is a design concept that aims to create products that can be reused or recycled indefinitely, without generating any waste or pollution. It mimics the natural cycles of nature, where everything is a nutrient for something else. A cradle-to-cradle model differs from a cradle-to-grave model, which follows a linear path of production, consumption, and disposal.

  Option B is an example of a cradle-to-cradle model, because the paper waste from the coffee shop is collected and recycled by a supplier, who then provides new paper products to the coffee shop. This creates a closed loop of material flow, where nothing is wasted and the paper is continuously reused.

  Option A is not a cradle-to-cradle model, because the laundry service does not reuse or recycle the baby clothes. It only cleans and delivers them, but does not prevent them from eventually ending up in the landfill.

  Option C is not a cradle-to-cradle model, because the company does not ensure that the wood it uses is from sustainable sources, or that the products it makes can be easily disassembled and recycleD: It also does not consider the environmental impacts of transporting the wood from different locations.

  Option D is not a cradle-to-cradle model, because the bank does not directly influence the design or production of the products that the firms use. It only provides financial incentives for them to adopt more sustainable practices, but does not guarantee that they will follow a cradle-to-cradle approach.

• Question 295:

  Forecast error typically triggers forecast revision when it is:

  A. used in computing the tracking signal.
  B. associated with the Introduction stage of the product life cycle.
  C. continually increasing.
  D. caused by random variation.
  C. continually increasing.

  ---

  Explanation

  Forecast error is the difference between the actual demand and the forecasted demand for a given perioD: Forecast error can be caused by various factors, such as changes in customer preferences, market conditions, competitor actions, or random variation. Forecast error can be measured using different methods, such as mean absolute deviation (MAD), mean absolute percentage error (MAPE), or tracking signal. Forecast error typically triggers forecast revision when it is continually increasing, which indicates that the forecast model is not capturing the underlying demand pattern or trenD: A continually increasing forecast error can lead to poor customer service, excess or obsolete inventory, or lost sales opportunities. Therefore, it is important to monitor the forecast error and revise the forecast when necessary to improve the forecast accuracy and reliability. Forecast error does not trigger forecast revision when it is used in computing the tracking signal, associated with the introduction stage of the product life cycle, or caused by random variation. These are not valid reasons for revising the forecast, as they do not indicate a systematic or persistent deviation from the actual demand.

• Question 296:

  The production plan relates to a firm's financial planning because it is used to:

  A. calculate standard product costs.
  B. determine variable costs.
  C. project payroll costs.
  D. identify future cash needs.
  D. identify future cash needs.

  ---

  Explanation

  The production plan outlines what will be produced and when, which directly affects material purchases, labor, and overheaD: This makes it a key input for financial planning, particularly for identifying future cash needs related to inventory, labor, and other operational expenses.

• Question 297:

  Which of the following mechanisms should a practitioner focus on for the MOST effective information security continuous monitoring?

  A. Implementing automated methods for data collection and reporting where possible
  B. Updating security plans, security assessment reports, hardware, and software inventories
  C. Defining specific methods for monitoring that will maintain or improve security posture
  D. Collecting risk metrics from teams, such as business, testing, QA, development, and operations with security controls
  A. Implementing automated methods for data collection and reporting where possible

  ---

  Explanation

• Question 298:

  An organization's security policy requires sensitive information to be protected when being transmitted to external sources via would be the BEST security solution to choose?

  A. Use spam filters and anti-virus software to send emails externally.
  B. Configure digital signatures to send emails externally.
  C. Configure the system to utilize to send encrypted emails externally.
  D. Use e-mail security gateway to send emails externally.
  C. Configure the system to utilize to send encrypted emails externally.

  ---

  Explanation

• Question 299:

  Which activity follows the discovery phase of vulnerability management?

  A. Vulnerability detection
  B. Vulnerability evaluation
  C. Vulnerability identification
  D. Vulnerability governance
  B. Vulnerability evaluation

  ---

  Explanation

• Question 300:

  The Information Technology (IT) manager of a large organization has been tasked with implementing a distributed third-party Identity As A Service (IDaaS). The local security team is concerned that the Identity Provider (IdP) and resource provider have direct connectivity outside of enterprise control. Which of the following authentication methods BEST address this concern?

  A. Federation authorities access list
  B. Manual registration
  C. Proxied federation
  D. Signed assertion
  C. Proxied federation

  ---

  Explanation