IAPP CIPM Online Practice Questions and Exam Preparation

IAPP CIPM Online Questions & Answers

• Question 491:

  An organization recently created a new accounting department, and that department is critical in the event of a disaster for the operations to continue. Which steps should the organization take to create a Business Continuity Plan (BCP)?

  A. Test, maintain, implement, deliver, and execute
  B. Plan, implement, execute, deliver, and document
  C. Understand, plan, deliver, implement, and execute
  D. Understand, plan, deliver, test, and maintain
  D. Understand, plan, deliver, test, and maintain

  ---

  Explanation

• Question 492:

  To check the feasibility of the master Production Planning, provide warnings to any bottlenecks; ensure utilization of work centers and advice vendors of capacity requirements is the purpose of:

  A. Realistic capacity planning
  B. Expected capacity planning
  C. Rough-cut capacity planning
  D. Work-capacity planning
  C. Rough-cut capacity planning

  ---

  Explanation

  Rough-cut capacity planning (RCCP) is used to:

  Check the feasibility of the master production schedule (MPS)

  Identify bottlenecks

  Ensure proper utilization of key work centers

  Advise vendors of upcoming capacity requirements

  It provides a high-level view of capacity needs early in the planning process.

• Question 493:

  An audit report of security operations has listed some anomalies with third parties being granted access to the internal systems and data without any restrictions.

  Which of the following will BEST help remediate this issue?

  A. Provide access restrictions for resources stored in a low-volume network or subnetwork location.
  B. Provide access restrictions for resources stored on a network that uses a unique platform.
  C. Provide access restrictions for resources stored in a high-volume network or subnetwork location.
  D. Provide access restrictions for resources stored on a network or on a subnetwork.
  D. Provide access restrictions for resources stored on a network or on a subnetwork.

  ---

  Explanation

• Question 494:

  Which of the following actions will result In lower inventory levels?

  A. Level load the master production schedule (MPS).
  B. Reduce replenishment lead times.
  C. Increase customer service level.
  D. Decentralize inventory locations.
  B. Reduce replenishment lead times.

  ---

  Explanation

  Reducing replenishment lead times will result in lower inventory levels because it means that the time between placing an order and receiving the goods is shorter. This reduces the need to hold excess inventory to cover the uncertainty and variability of demand and supply. Reducing replenishment lead times can also improve customer service levels, as orders can be fulfilled faster and more reliably. Level loading the master production schedule (MPS), increasing customer service level, and decentralizing inventory locations are all actions that will increase inventory levels, as they require more inventory to buffer against fluctuations in demand and supply, and to ensure availability at multiple locations.

• Question 495:

  is characterized by many variations in product design, process requirements and order quantities.

  A. Flow manufacturing
  B. Project manufacturing
  C. Intermittent manufacturing
  D. None of these
  C. Intermittent manufacturing

  ---

  Explanation

  Intermittent manufacturing is characterized by: Many variations in product design Flexible process requirements Variable order quantities

  Often used for custom or low-volume production

  Other options:

  A: Flow manufacturing: Involves standardized products and high-volume, continuous production.

  B: Project manufacturing: Involves large, unique, one-time products (e.g., ships, buildings).

  D: None of these: Incorrect, since C is correct.

  Therefore, the correct answer is C: Intermittent manufacturing.

• Question 496:

  Up-to-date Information about production order status is required to do which of the following tasks?

  A. Calculate current takt time.
  B. Determine planned orders.
  C. Replenish kanban quantities.
  D. Calculate the cost of work in process (WIP).
  D. Calculate the cost of work in process (WIP).

  ---

  Explanation

  To calculate the cost of work in process (WIP) accurately, it's essential to have up-to-date information about the status of production orders. This includes knowing which orders are in progress, how much work has been completed, and what materials and labor have been consumed.

• Question 497:

  While conducting an information asset audit, it was determined that several devices were running unpatched Operating Systems (0S). Further review Indicated the OS was no longer supported by the vendor. Which of the following BEST indicates the appropriate asset lifecycle stage of the devices?

  A. Maintain
  B. Modify
  C. Procure
  D. Dispose
  D. Dispose

  ---

  Explanation

• Question 498:

  The places where carriers load and unload goods to and from vehicles and make connections between local pickup and delivery service and line-haul service are called:

  A. Terminals
  B. Mortals
  C. Workstations
  D. None of the above
  A. Terminals

  ---

  Explanation

  Terminals are facilities where: Carriers load and unload goods Transfers occur between local pickup/delivery services and line-haul (long-distance) services Shipments are sorted, consolidated, or redirected

  Other options:

  B: Mortals: Not related to logistics or transportation.

  C: Workstations: Typically refer to employee work areas, not freight handling points.

  D: None of the above: Incorrect because A: Terminals is correct. So, the correct answer is A: Terminals.

• Question 499:

  What is the MOST beneficial principle of threat modeling?

  A. To focus on specific adversaries, assets, or techniques
  B. To improve the security and privacy of a system through early and frequent analysis
  C. To create meaningful outcomes when they are of value to external agencies
  D. To create a single threat model representation as multiple models may be inconsistent
  B. To improve the security and privacy of a system through early and frequent analysis

  ---

  Explanation

• Question 500:

  The Cloud Security Alliance (CSA) publishes the Egregious Eleven, a list of common threats to organizations using cloud services. According to the CSA Egregious Eleven, which of the following cases falls under the category of misconfiguration and inadequate change control?

  A. Having a public-facing website with Hypertext Markup Language (HTML) encoding enabled.
  B. Exposure of data stored in cloud repositories.
  C. Username and password are sent using a POST in plain text.
  D. Unsecured data storage elements or storage containers.
  D. Unsecured data storage elements or storage containers.

  ---

  Explanation