CIPS L6M7 Exam Questions Instant Access - No Installation Required

Question 1

Which of the following approaches to cyber security takes a bottom-up approach to assessing vulnerabilities meticulously item by item?

Asystem approach

Btechnology approach

Celementary approach

Dcomponent approach

Answer : D

This is the component approach - it looks at each individual component (each part of the IT system) in turn to check its okay. When a component is not directly controlled by the organisation (e.g. something to do with a supplier) this is called a dependency. Component approach is a bottom-up approach and is the opposite of the top-down approach which is called the 'system driven approach'. P.179

Domain: 3.2

Question 2

Bob is the CEO of Big Leaf Company and has a lot of sensitive data on his phone. The IT department has advised Bob he should increase his security measures to protect unwanted people accessing his phone, which he often leaves on his desk when he goes to Board Meetings. Which of the following would be most useful to Bob?

ACCTV in his office

BMulti-factor authentication

CBiometrics

DFirewall

Answer : B

Multi-factor authentication would be the most useful to protect a mobile phone. Multi-factor authentication uses three things: something you know (password), something you have (a secret code or token), and something you are (biometric scan). This is more secure than biometrics alone. CCTV does not prevent someone from accessing Bob's phone. A firewall is better suited for an IT system or intranet. P.187

Domain: 3.2

Question 3

Which of the following statements about Big Data are true? Select ALL that apply.

ABig Data must be large enough to provide reliable conclusions

BAll datasets qualify as Big Data if they provide useful information

CBig Data is a new concept, as older computers lacked storage capacity

DBig Data is solely the IT department's responsibility

EBig Data can only be analyzed by humans

Answer : A, C

Big Data requires large volumes and computing power. Not all datasets qualify as Big Data. It is used across various departments, and computers analyze it, not just humans.

Question 4

Fluffy Pillows Ltd has recently expanded its operations and has hired more staff. These staff will work remotely, and because of this, Fluffy Pillows Ltd is in need of buying and upgrading their IT systems. The CEO of Fluffy Pillows is examining the security of currently held data in preparation for the expansion and has recently completed a document that looks into what data is stored where and what the consequences would be if this data were to be stolen or corrupted. In his research, he has found multiple data entries for the same information, which he believes could lead to inaccuracies in data reporting. He is also concerned that the data isn't being stored securely and is unsure whether he should retain some of the confidential personal details on employees who have left the business. He has decided that along with the introduction of new systems, it is important that all members of staff at Fluffy Pillows are aware of the responsibilities of storing data correctly and the risks of cyber attacks.

How can Fluffy Pillows ensure data is accessible for the new staff members who work from home?

ACloud storage

BUSB devices

CPortable laptops

DNetwork Attached Storage

Answer : A

Cloud storage is the answer. All the new people will be working in different places, so there needs to be a central place for them to access documents. Physical storage options such as USBs, laptops, and network-attached storage devices wouldn't work.

Domain: Scenario

Question 5

In order to keep data secure, which three things should be considered?

AAccess, accuracy, confidentiality

BLocation, availability, access

CIntegrity, location, format

DConfidentiality, availability, integrity

Answer : D

This is the CIA triangle which is from p.143. The three aspects are the three corners of the triangle. Remember this one for the exam as I've heard it comes up frequently. Just remember data security = CIA = confidentiality, integrity and availability.

Domain: 3.1

Question 6

What are the three size characteristics of 'Big Data'? Select THREE.

AVolume

BVariety

CVeracity

DVelocity

EVerity

Answer : A, B, D

The Three Vs of Big Data are:

Volume = Large size

Variety = Different data types (text, images, etc.)

Velocity = The speed at which data is generated

Question 7

Henry is the Head of IT at Purple Rain Ltd and is presenting a case to the Senior Leadership Team to ask for more investment in the company's IT strategy. Henry believes the company has an issue with data resilience and is asking for more money to be invested in this. He has completed a Business Impact Assessment (BIA) to better understand what data the company holds. Jon is the Head of Procurement and has listened intently to Henry's presentation. He has decided to go back to his department and complete a thorough risk assessment, as he is aware his team holds a lot of data on suppliers and contracts. The CEO of Purple Rain, Roger Nelson, has asked Henry about next steps in order to protect the company from further risks associated with the IT strategy. Data is currently stored on servers located at Purple Rain's Headquarters. The server room is locked at all times of the day and is only accessible to staff members who have a key. The building itself is extremely secure with CCTV systems located both inside the server room and outside it. However, the server room is prone to overheating.

What is Henry's primary concern?

AThe accuracy of the data is questionable

BThere is a lack of data to inform business requirements

CThe company may not be able to recover quickly from disruption

DThe data has gone missing

Answer : C

Data resilience refers to a company's ability to recover quickly from disruption, such as power outages or physical damage (e.g., flooding of IT equipment). Henry's concern is that the current setup lacks resilience in case of an incident. (P.102)

CIPS Commercial Data Management L6M7 Exam Questions