Exin EPI Certified Information Technology Manager CITM Exam Questions

Answer : D

The scenario describes a social media platform generating a large volume of raw data (e.g., user interactions, multimedia content) and a need for advanced analysis by the marketing department. Big Data Analysis (D) is the best technology, as it handles large, unstructured datasets and uses advanced techniques (e.g., machine learning, predictive analytics) to derive insights, such as user behavior or campaign effectiveness.

Master Data Management (MDM) (A): Focuses on managing core business data (e.g., customer records) for consistency, not analyzing large raw datasets.

Digital Asset Management (DAM) (B): Manages multimedia assets (e.g., images, videos) for storage and retrieval, not advanced analysis.

Online Analytical Processing (OLAP) (C): Supports multidimensional analysis of structured data but is less suited for unstructured, large-scale social media data compared to big data tools.

Big Data Analysis aligns with IT strategy for leveraging large datasets to drive business value, as per modern data management frameworks.

Answer : C

In risk management, the Annual Loss Expectancy (ALE) is calculated as:

ALE = Single Loss Expectancy (SLE) Annualized Rate of Occurrence (ARO), where SLE = Asset Value Exposure Factor (EF).

Given:

Asset Value = $200,000

Exposure Factor (EF) = 25% = 0.25

ALE = $100,000

Calculate SLE:

SLE = Asset Value EF = $200,000 0.25 = $50,000

Calculate ARO:

ALE = SLE ARO

$100,000 = $50,000 ARO

ARO = $100,000 $50,000 = 2

Thus, the Annualized Rate of Occurrence (ARO) is 2 (C), meaning the incident is expected to occur twice per year.

0.4 (A): Incorrect; implies a lower frequency (0.4 times per year).

1 (B): Incorrect; would yield an ALE of $50,000, not $100,000.

Answer : B

The customer's focus on incorporating future functional requirements indicates a need for perfective maintenance (B). In application management, perfective maintenance involves enhancing software to add new features or improve functionality to meet evolving business needs, such as adding new modules or capabilities.

Preventive maintenance (A): Focuses on preventing issues by optimizing performance or addressing potential problems, not adding new features.

Corrective maintenance (C): Involves fixing bugs or errors, not incorporating new functionality.

Adaptive maintenance (D): Adapts software to environmental changes (e.g., new operating systems), not specifically for new functional requirements.

Perfective maintenance aligns with the SDLC's maintenance phase, ensuring the software evolves to support future business requirements.

Answer : C

Reviewing an IT service catalog, as per ITIL service asset and configuration management, focuses on ensuring services align with business needs and compliance requirements. Key criteria include:

Retiring services (A): Assessing whether services are outdated or no longer needed is critical.

New laws, codes, or regulations (B): Compliance with legal or regulatory changes is essential to avoid penalties.

Service relevance and appropriateness (D): Ensures services meet current business objectives and user needs.

Changes in the IT service provider organization (C), such as internal restructuring or staffing changes, are not typically a direct criterion for service catalog review, as the catalog focuses on services offered, not the provider's internal operations.

Answer : D

In the Software Development Life Cycle (SDLC), the development phase typically includes code writing (A), testing (B), and documenting (C) to build and verify the software. Implementation (D) is part of the deployment phase, where the software is installed and made operational in the production environment, not part of development.

Answer : B

A compensating control is an alternative control implemented when the preferred control cannot be applied due to constraints (e.g., technical, financial, or operational). According to frameworks like COBIT or ISO/IEC 27001, compensating controls provide equivalent or partial risk mitigation when the primary control is infeasible.

Deterrent controls (A) discourage violations, detective controls (C) identify incidents, and corrective controls (D) address issues after they occur. Only compensating control (B) fits the scenario of a second-best alternative due to constraints.

Answer : B

An SLA's section on estimated system response times focuses on ensuring the system meets performance expectations. Key factors for successful delivery include:

Technical specifications of the system (A): Defines the system's capabilities (e.g., processing power, architecture) critical for response times.

Skills and knowledge of staff (C): Ensures the IT team can manage and optimize the system for performance.

Technical specifications of the IT infrastructure (D): Includes network, servers, and storage, which directly impact response times.

Price for the IT service (B) is not a direct factor in achieving system response times, as it relates to cost negotiation rather than technical performance. While budget may influence resource allocation, it's not a key factor in delivering the SLA's performance metrics.