Spring Sale Limited Time 75% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = simple75

Pass the APICS CPIM CPIM-8.0 Questions and answers with Dumpstech

Exam CPIM-8.0 Premium Access

View all detail and faqs for the CPIM-8.0 exam

Go to Exam
Practice at least 50% of the questions to maximize your chances of passing.
Viewing page 9 out of 13 pages
Viewing questions 121-135 out of questions
Questions # 121:

An organization’s computer incident responses team PRIMARY responds to which type of control?

Options:

A.

Administrative

B.

Detective

C.

Corrective

D.

presentative

Questions # 122:

An organization is updating an Application Programming Interface (API) to support requests coming from mobile applications distributed on public application stores. The API’s primary function is to supply confidential documents when users request them within the mobile application. Which approach would BEST respond to this use case?

Options:

A.

Require that the user supplies their credential to access confidential documents.

B.

Require a Virtual Private Network (VPN) connection to the organization's network to access confidential documents.

C.

Implement Security Assertion Markup Language (SAML) to validate the identity of the user requesting access to confidential documents.

D.

Implement Open Authorization (OAuth) 2.0 to require the users to request permission to access confidential documents.

Questions # 123:

Which of the following statements best characterizes enterprise resources planning (ERP) systems?

Options:

A.

They track activity from customer order through payment.

B.

They are expensive but easy to implement.

C.

They provide real-time planning and scheduling, decision support, available-to-promise (ATP), and capable-to-promise (CTP) capabilities.

D.

They are used for strategic reporting requirements.

Questions # 124:

What MUST be completed before developing physical security controls?

Options:

A.

Develop a comprehensive security policy

B.

Provide the annual security awareness training

C.

Contract for licensed and bonded security force

D.

Perform a physical security audit

Questions # 125:

Which of the following is the BEST way to identify the various types of software installed on an endpoint?

Options:

A.

Active network scanning

B.

Passive network scanning

C.

Authenticated scanning

D.

Port scanning

Questions # 126:

An Information Technology (IT) professional is seeking a control objective framework that is widely accepted around the world and focuses specifically on information security controls. Which of the following frameworks BEST meets this need?

Options:

A.

International Organization For Standardization (ISO) 27001

B.

International Organization For standardization (ISO) 27002

C.

International Technology Infrastructure Library (ITIL)

D.

Capability Maturity Model (CMM)

Questions # 127:

An organization has a requirement that all documents must be auditable and that the original is never modified once created. When designing the system, what security model MUST be implemented in order to meet this requirement?

Options:

A.

Biba Integrity

B.

Brewer-Nash

C.

Bell-LaPadula

D.

Clark-Wilson

Questions # 128:

An organization wants to implement Zero Trust (ZT). The Information Technology (IT) department is already using Multi-Factor Authentication (MFA) and Identity and Access Management (IAM). Which of the following would be the BEST solution for the organization to implement in order to have a ZT network?

Options:

A.

Next-generation firewall

B.

Host-Based Intrusion Detection System (HIDS)

C.

Micro-segmentation

D.

Network Intrusion Detection System (NIDS)

Questions # 129:

A multinational organization acquires a subsidiary. The acquisition results in the need to integrate a large population of new users into the organization's corporate cloud. What is the MAIN benefit of the organization's Federated Identity Management (FIM) system to address the need?

Options:

A.

Efficient access provisioning

B.

Increased robustness of authentication

C.

Greater flexibility of access control

D.

Reduced complexity of maintenance and changes

Questions # 130:

Which of the following protocols BEST provides for the secure transfer of voice, data, and video over a network?

Options:

A.

Transmission Control Protocol (TCP)

B.

Voice Over Internet Protocol (VoIP)

C.

User Datagram Protocol (UDP)

D.

HyperText Transfer Protocol Secure (HTTPS)

Questions # 131:

A company that uses concurrent engineering is likely to experience which of the following outcomes in the first period of a product's life cycle?

Options:

A.

Fewer product design changes

B.

An increase in obsolete inventory

C.

More accurate forecasting

D.

Conflicts between purchasing and engineering

Questions # 132:

What can help a security professional assess and mitigate vulnerabilities of an embedded device?

Options:

A.

Conduct black-box testing.

B.

Conduct red-box testing.

C.

Conduct yellow-box testing.

D.

Conduct green-box testing.

Questions # 133:

A cybersecurity analyst is reviewing a recent incident in which the adversaries were able to move vertically within the network. Which attack phase MOST clearly represents this scenario?

Options:

A.

System browsing

B.

Escalating privileges

C.

Gaining access

D.

Installing additional tools

Questions # 134:

Asymmetric cryptography uses which type of key to encrypt data?

Options:

A.

Private key

B.

Permanent key

C.

Parent key

D.

Public key

Questions # 135:

Which of the following does a federated Identity Provider (IDP) need in order to grant access to identity information?

Options:

A.

The end system and the middleware system must trust each other.

B.

The end system authenticates and verifies the user.

C.

The end system application needs to verify the user’s identity.

D.

The application or system needs to trust the user.

Viewing page 9 out of 13 pages
Viewing questions 121-135 out of questions