IAPP CIPM Online Practice Questions and Exam Preparation

IAPP CIPM Online Questions & Answers

• Question 541:

  An organization has received the results of their network security risk assessment. What is the BEST course of action for the organization to take in response to the analyzed report findings?

  A. Hire a security consulting firm with specialized expertise to fix all the issues on the report and ensure the organization's system are secure.
  B. Work with the organization's legal team to ensure their cyber liability insurance policy will fully cover the costs of any breach related to the network risk assessment findings.
  C. Create an organizational risk response team and assign them the task of remediating all the issues or identifying and implementing compensating controls.
  D. Accept the risk of the issues within the organization's risk tolerance and identify responses for the remainder of the issues.
  C. Create an organizational risk response team and assign them the task of remediating all the issues or identifying and implementing compensating controls.

  ---

  Explanation

• Question 542:

  An OpenID Connect (OIDC) authorization server received two requests from a client. The server identifies the request as replay attack and rejects the request. Which of the following BEST describes these requests?

  A. One of the requests does not have a valid token issuer's identifier.
  B. The requests have the same 'auth_time' parameter.
  C. The requests have the same 'nonce' parameter.
  D. One of the requests does not have a valid audience token.
  C. The requests have the same 'nonce' parameter.

  ---

  Explanation

• Question 543:

  Which of the following is the BEST type of fire extinguisher for a data center environment?

  A. Class A
  B. Class B
  C. Class C
  D. Class D
  C. Class C

  ---

  Explanation

• Question 544:

  Disaster Recovery Plan (DRP) training can be considered complete when the participants

  A. understand the rationale behind why a specific Disaster Recovery Plan (DRP) strategy was chosen.
  B. receive a complete, accurate, and detailed explanation of the Disaster Recovery Plan (DRP).
  C. understand their roles and interactions with other roles.
  D. have demonstrated their understanding during an actual disaster.
  C. understand their roles and interactions with other roles.

  ---

  Explanation

• Question 545:

  Given the bill of material (BOM) information below and independent requirements of 10 pieces (pcs) per week of Component A and 20 pieces (pcs) per week of Component B, what is the weekly gross requirement of component F?

  

  A. 80
  B. 120
  C. 160
  D. 200
  D. 200

  ---

  Explanation

  To calculate the weekly gross requirement of Component F, we need to account for all paths that generate demand for it. Given: Component A demand = 10 pcs/week Component B independent demand = 20 pcs/week Component A BOM: B = 1 C = 2 D = 2 Component B BOM: E = 3 F = 4 Component C BOM: D = 1

  F = 4 Step 1: Calculate F from Component A path Component A demand = 10

  Component A uses 1 B 10 B B from A = 10 pcs contributes to F C from A = 20 pcs contributes to F Total F from A path = 40 + 80 = 120

  Step 2: Add independent Component B demand Independent B demand = 20 pcs Step 3: Total gross requirement for F From A = 120

  From independent B = 80 Total = 120 + 80 = 200

• Question 546:

  What General Data Protection Regulation (GDPR) principle says that data should be collected lawfully and with the person's consent?

  A. Legitimate data collection
  B. Limitation of use
  C. Collection Categorization
  D. Collection limitation
  A. Legitimate data collection

  ---

  Explanation

• Question 547:

  Which of the following describes the 3 MAIN roles of the identity-delegation model?

  A. Application server, web server, and delegate
  B. Application server, proxy server, and delegate
  C. Delegator, delegate, and service provider
  D. Delegator, application server, and service provider
  C. Delegator, delegate, and service provider

  ---

  Explanation

• Question 548:

  The ranking of jobs for the dispatch list is created through the application of which of the following priority rule?

  A. First come, first served
  B. Earliest operation due date
  C. Shortest process time
  D. All of the above
  D. All of the above

  ---

  Explanation

  The dispatch list ranks jobs to determine the order in which they should be processed at a work center. This ranking is based on priority rules, including:

  A: First Come, First Served (FCFS): Jobs are processed in the order they arrive.

  B: Earliest Operation Due Date: Jobs with the soonest due dates are given priority.

  C: Shortest Process Time (SPT): Jobs requiring the least processing time are done first to improve flow and reduce average job time.

  All of these are valid and commonly used priority dispatching rules, depending on production goals. Final Answer: D: All of the above.

• Question 549:

  A multinational organization acquires a subsidiary. The acquisition results in the need to integrate a large population of new users into the organization's corporate clouD: What is the MAIN benefit of the organization's Federated Identity Management (FIM) system to address the need?

  A. Efficient access provisioning
  B. Increased robustness of authentication
  C. Greater flexibility of access control
  D. Reduced complexity of maintenance and changes
  A. Efficient access provisioning

  ---

  Explanation

• Question 550:

  Demand or lead time is held to cover random unpredictable variations in supply and:

  A. Safety stock
  B. Variant stock
  C. Anticipatory change inventory
  D. Random contemporary stock
  A. Safety stock

  ---

  Explanation