
Pass the APICS CPIM CPIM-8.0 Questions and answers with ValidTests


Viewing page 11 out of 13 pages
Viewing questions 151-165 out of questions
Questions # 151:

Before securing an email system using OpenPGP in an organization, which of the following actions MUST be performed?

Options:

A. Definition of anti-spam policies

B. Removal of previous email servers

C. Definition of key management policies

D. Backup of email messages and folders
Questions # 152:

An organization has recently been hacked. To prevent future breaches, the Chief Information Security Officer (CISO) hires a third-party vendor to perform penetration testing on the network. Once complete, the vendor provides to the CISO a final report generated by a high-quality vulnerability scanner. The CISO rejects the report as incomplete.

Why is the vendor's penetration test considered incomplete?

Options:

A. The vendor should have attempted to exploit the identified vulnerabilities.

B. The vendor should also provide a guide to remediate the identified vulnerabilities.

C. The vendor should have provided a risk report of vulnerabilities found.

D. The vendor should have worked closely with network engineers to understand the network infrastructure better.
Questions # 153:

An organization received a notification from a Commercial Off-The-Shelf (COTS) provider that one of its products will no longer be supported. Using obsolescence progression stages, which of the following risk trigger points was activated in this case?

Options:

A. End of Life (EOL)

B. End of Maintenance

C. End of Service Life (EOSL)

D. End of Repair
Questions # 154:

Which of the following MUST be checked during the validation of software verification capabilities?

Options:

A. Completeness

B. Vulnerabilities

C. Security

D. Logic
Questions # 155:

What does the Role-Based Access Control (RBAC) method define?

Options:

A. What equipment is needed to perform

B. How information is accessed within a system

C. What actions the user can or cannot do

D. How to apply the security labels in a system
Questions # 156:

Which of the following BEST characterizes the operational benefit of using immutable workloads when working on a cloud-based project?

Options:

A. The cloud service provider is responsible for all security within the workload

B. Security testing is managed after image creation

C. No longer have to bring system down to patch

D. Allows a user to enable remote logins to running workloads
Questions # 157:

In a large organization, the average time for a new user to receive access is seven days. Which of the following is the BEST enabler to shorten this time?

Options:

A. Implement a self-service password management capability

B. Increase system administration personnel

C. Implement an automated provisioning tool

D. Increase authorization workflow steps
Questions # 158:

Disaster Recovery (DR) training plan outcomes should have which KEY quality?

Options:

A. Comprehensible

B. Identifiable

C. Measurable

D. Editable
Questions # 159:

While doing a penetration test, auditors found an old credential hash for a privileged user. To prevent a privileged user's hash from being cached, what is the MOST appropriate policy to mandate?

Options:

A. Add privileged user to the domain admin group.

B. Add privileged users to the protected users group.

C. Enable security options for each privileged user.

D. Place each privileged user in a separate Kerberos policy.
Questions # 160:

Which of the following is the BEST option for a security director to use in order to mitigate the risk of inappropriate use of credentials by individuals with administrative rights?

Options:

A. Have administrators sign appropriate access agreements.

B. Define the Acceptable Use Policy (AUP) for administrators.

C. Have administrators accept a Non-Disclosure Agreement.

D. Perform extensive background checks on administrators.
Questions # 161:

Which of the following is a methodology for threat modeling in applications?

Options:

A. Disaster, Reproducibility, Exploitability, Affected Users, And Discoverability (DREAD)

B. Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege (STRIDE)

C. Pretend, Allow, Crash, Modify, Ascertain, Name

D. Confidentiality, Authentication, Integrity, Nonrepudiation, Availability
Questions # 162:

An executive wants to ensure that risk related to information operations is managed in accordance with the enterprise's risk management thresholds. What is the BEST way to ensure this consistently occurs?

Options:

A. Publish and enforce enterprise policies that assign risk decisions to corporate officers.

B. Publish and enforce enterprise policies that assign risk decisions to cybersecurity analysts.

C. Publish and enforce enterprise policies that assign risk decisions to business unit managers.

D. Publish and enforce enterprise policies that assign risk decisions to system administrators.
Questions # 163:

In which of the following situations would you use an X-bar chart?

Options:

A. Track the number of defects that are found in each unit.

B. Measure the difference between the largest and the smallest in a sample.

C. Determine the average value of a group of units.

D. Estimate a subgroup variation.
Questions # 164:

A healthcare organization’s new cloud-based customer-facing application is constantly receiving security events from dubious sources. What BEST describes a security event that compromises the confidentiality, integrity, or availability of the application and data?

Options:

A. Attack

B. Breach

C. Failure

D. Incident
Questions # 165:

Which of the following outcomes is a benefit of mixed-model scheduling?

Options:

A. Increased inventory

B. Improved demand response

C. Fewer setups

D. Fewer material shortages