Chapter 7 Test Flashcards
You are creating a document that describes the access rights to the financial system in your organization. It defines access by roles and responsibilities and describes the approval process for obtaining access. One of the rules stated in the document dictates that remote access to systems requires MFA. Which of the following are true regarding this question? (Choose two.)
A. This question describes an operational security policy.
B. This question describes a digital security policy.
C. This question describes a process of verifying identity by requiring two or more forms of identification at sign-in.
D. This question describes a form of data classification.
E. This question describes a data security policy.
B, C
Your organization is involved in research and development of botanical cleaning products. Your recent product has just received approval to display the ® (registered) symbol. All potential employees must undergo a background check before being hired and again yearly on the anniversary of their hire date. One of the laboratories contains top-secret research and only certain employees have access to this lab. One of the employees on the project team has just been promoted and will be leaving the team to join their new functional area. This team member previously had access to the top-secret lab, but their new role no longer requires this access. Which of the following is not true regarding this question?
A. The operational security policy outlines the process for background checks for
employees.
B. Access to the top-secret
lab is outlined in the physical security policy.
C. The new product has not been registered at the U.S. Patent and Trademark office.
D. The physical security policy should outline the process for revoking access to the
top-secret lab as soon as the employee is transferred to their new role.
C
A stranger comes to your door posing as a census taker. They look official in their bright
orange vest and have some type of tag or badge hanging from the vest, but you can’t read what it says. They begin to ask questions that become rather personal, including your household income on an annual basis, your birthdate, your health status, and more. You become suspicious of this person and stop to think through what to do next. Which of the following are true regarding this question?
A. Due to your suspicion of this individual, you are classifying your answers as PII and
refuse to answer.
B. Due to your suspicion of this individual, you are classifying your answers as PHI and
refuse to answer.
C. Due to your suspicion of this individual, you ask to see their badge before you decide to answer.
D. Due to your suspicion of this individual, you are classifying your answers as need-to-
know basis and refuse to answer.
E. All of the answers are true.
F. Options A, B, and D are true.
E
You are asked to prepare an estimate for a project that involves planting new trees in the parking lot. The trees cost $800 each, and the labor to install them is $75 per hour. You are planting 10 new trees, and each tree takes one hour of labor to plant, stake, and water. What is the estimated cost of the labor for this project, and which technique are you using to determine this estimate? (Choose two.)
A. $8,000
B. Three-point estimate
C. Bottom-up method
D. $750
E. Analogous method
F. Parametric method
G. $8,750
D, F
The total time it will take for one person to complete a task from beginning to end without taking into account holidays, time off, or other project work is known as this.
A. Duration estimate
B. Work effort estimate
C. Bottom-up estimate
D. Parametric estimate
B
A discretionary fund used by the project manager to cover the cost of possible adverse events during the project is known as which of the following?
A. Management reserve
B. Chart of accounts
C. Contingency fund
D. Cost baseline
C
You are developing a bottom-upcost estimate for the first phase of your project. Which of the following is the most important input to complete this task?
A. Historic data from a similar project
B. Chart of accounts
C. The WBS
D. The scope statement
C
What is considered the most accurate estimate?
A. Analogous estimate
B. Bottom-up estimate
C. Estimates based on expert judgment
D. Parametric estimate
B
You are asked to present and explain your project cost baseline. All of the following are true except which one?
A. The baseline will be used to track actual spending against the cost estimates.
B. The baseline can be used to predict future project costs.
C. The baseline is calculated and approved by the project manager.
D. The baseline is the total expected cost for the project.
C
Your project task is complex, and you decide to use a three-point
estimating technique. Which of the following options determine the three-point
estimate? (Choose three.)
A. Quantity estimate
B. Work package level estimate
C. Materials estimate
D. Pessimistic estimate
E. Resource estimate
F. Rate estimate
G. Optimistic estimate
H. Most likely estimate
D, G, H
Which of the following is used in a burn rate calculation?
A. CV
B. Determining spending rates over time
C. CPI
D. AC -PV
C
Your project has a potential for a future risk event. The sponsor has told you that the organization cannot sustain the consequences of this risk. You recommend purchasing insurance so that if the risk event occurs, the organization can recoup their expenditures for the impacts of the risk. What risk strategy is this known as?
A. Avoid
B. Mitigate
C. Accept
D. Transfer
D
Which technique can be used to help identify risks?
A. SWOT
B. CPI
C. EVM
D. CV
A
The risk register typically contains several pieces of information. Which of the following
would you expect to see on a risk register? (Choose three.)
A. Risk owner
B. Description of risk
C. Risk score
D. Cost estimate for response plan
E. Resource costs to track risks
F. Cost estimate of the consequences of the risk
A, B, C
You have identified a risk on your project, and the team decides they won’t create a response plan; if the risk happens, they’ll deal with consequences when they occur. This is an example of which risk strategy?
A. Exploit
B. Avoid
C. Mitigate
D. Accept
D