Big Cyber Monday Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code = simple70

Pass the APICS CPIM CPIM-8.0 Questions and answers with Dumpstech

Exam CPIM-8.0 Premium Access

View all detail and faqs for the CPIM-8.0 exam

Go to Exam
Practice at least 50% of the questions to maximize your chances of passing.
Viewing page 1 out of 12 pages
Viewing questions 1-15 out of questions
Questions # 1:

Following the go-live of a new financial software, an organization allowed the Information Technology (IT) officer to maintain all rights and access permissions to help the organization staff should they have challenges in their day-to-day work. What is the BEST way to categorize the situation?

Options:

A.

Excessive privileges

B.

Need to know access

C.

Training access

D.

Least access principle

Questions # 2:

A recent email-based malware breakout caused a significant volume of traffic and password spam account lockouts for an organization. Which BEST identifies compromised devices?

Options:

A.

Security Information And Event Management (SIEM)

B.

Network Intrusion Detection System (NIDS)

C.

Vulnerability scan

D.

Penetration test

Questions # 3:

A company confirms a customer order based on available capacity and inventory, even though the current production plan does not cover the entire order quantity. This situation is an example of what type of order fulfillment policy?

Options:

A.

Assemble-to-order (ATO)

B.

Capable-to-promise (CTP)

C.

Available-to-promise (ATP)

D.

Configure-to-order (CTO)

Questions # 4:

An information security professional is tasked with configuring full disk encryption on new hardware equipped with a Trusted Platform Module (TPM). How does TPM further enhance the security posture of full disk encryption if configured properly?

Options:

A.

TPM will use the Operating System (OS) for full disk encryption key protection.

B.

TPM will protect the full disk encryption keys.

C.

TPM will handle the allocation of the hardware storage drives for full disk encryption.

D.

TPM will provide full disk encryption automatically.

Questions # 5:

Payment Card Industry Data Security Standard (PCI DSS) allows for scanning a statistical sample of the environment without scanning the full environment. Scanning a statistical sample has many advantages and disadvantages.

Which of the following is the MOST accurate set of advantages and disadvantages?

Options:

A.

Limited risk to production targets, rapid scan times, requires proof of image standardization, and one-offs systems are not scanned

B.

Easy for auditors to question, fastest scanning method, ideal for cloud environments, and not suitable for small organizations

C.

Limited to a single environment/platform, proves image standardization, random selection misses end-to-end applications, and slower than targeted scanning

D.

Confirmation of Configuration Management (CM), hand selection introduces confirmation bias, is ideal in operational technology environments, and requires about 10% of each environment/platform

Questions # 6:

While doing a penetration test, auditors found an old credential hash for a privileged user. To prevent a privileged user's hash from being cached, what is the MOST appropriate policy to mandate?

Options:

A.

Add privileged user to the domain admin group.

B.

Add privileged users to the protected users group.

C.

Enable security options for each privileged user.

D.

Place each privileged user in a separate Kerberos policy.

Questions # 7:

What is the MAIN purpose of risk and impact analysis?

Options:

A.

Calculate the cost of implementing effective countermeasures.

B.

Calculate the effort of implementing effective countermeasures.

C.

Identify countermeasures.

D.

Eliminate the risk of most threats.

Questions # 8:

When conducting a vulnerability test using a scanner tool, which unintended consequence can occur?

Options:

A.

Opening of previously closed ports

B.

Adding administrator rights on servers

C.

Performing a Cross-Site Scripting (XSS) attack

D.

Creating a Denial-Of-Service (DoS) condition

Questions # 9:

To mitigate risk related to natural disasters, an organization has a separate location with systems and communications in place. Data must be restored on the remote systems before they are ready for use. What type of remote site is this?

Options:

A.

Cold Site

B.

Mobile Site

C.

Hot Site

D.

Warm Sit

Questions # 10:

An organization provides customer call center operations for major financial service organizations around the world. As part of a long-term strategy, the organization plans to add healthcare clients to the portfolio. In preparation for contract negotiations with new clients, to which cybersecurity framework(s) should the security team ensure the organization adhere?

Options:

A.

Frameworks that fit the organization’s risk appetite, as cybersecurity does not vary industry to industry

B.

Control Objectives For Information And Related Technology (COBIT) and Health Insurance Portability And Accountability Act (HIPAA) frameworks

C.

Frameworks specific to the industries and locations clients do business in

D.

National Institute Of Standards And Technology and International Organization For Standardization (ISO) frameworks

Questions # 11:

What function prevents unauthorized devices from gaining access to a network?

Options:

A.

Network Access Control (NAC)

B.

Storage Area Network (SAN)

C.

Network Address Translation (NAT)

D.

Software-Defined Network (SDN)

Questions # 12:

Which of the following is the MAIN element in achieving a successful security strategy?

Options:

A.

Senior management commitment

B.

Security standards adoption

C.

Effective training and education

D.

Effective cost/benefit analysis

Questions # 13:

In a hospital, during a routine inspection performed by the computerized tomography device technical service, it is discovered that the values of radiation used in scans are one order of magnitude higher than the default setting. If the system has had an unauthorized access, which one of the following concepts BEST describes which core principle has been compromised?

Options:

A.

Confidentiality

B.

Availability

C.

Cybersecurity

D.

Integrity

Questions # 14:

Organization A provides scalable Information Technology (IT) infrastructure while Organization B provides security services to customers via Software as a Service (SaaS) model. Which document is used to express a set of intended actions between the organizations with respect to meeting the customers’ needs?

Options:

A.

Business partnership agreement

B.

Interconnection Security Agreement (ISA)

C.

Framework partnership agreement

D.

Memorandum of Understanding (MOU)

Questions # 15:

An organization wants to ensure the security of communications across its environment. What is the BEST way to provide confidentiality of data from handheld wireless devices to the internal network?

Options:

A.

Transmission encryption

B.

Multi-Factor Authentication (MFA)

C.

Single Sign-On (SSO)

D.

Transmission authentication

Viewing page 1 out of 12 pages
Viewing questions 1-15 out of questions