Chapter 7 Test

Question 1

You are creating a document that describes the access rights to the financial system in your organization. It defines access by roles and responsibilities and describes the approval process for obtaining access. One of the rules stated in the document dictates that remote access to systems requires MFA. Which of the following are true regarding this question? (Choose two.)

A. This question describes an operational security policy.
B. This question describes a digital security policy.
C. This question describes a process of verifying identity by requiring two or more forms of identification at sign-in.
D. This question describes a form of data classification.
E. This question describes a data security policy.

Answer 1

B, C

Question 2

Your organization is involved in research and development of botanical cleaning products. Your recent product has just received approval to display the ® (registered) symbol. All potential employees must undergo a background check before being hired and again yearly on the anniversary of their hire date. One of the laboratories contains top-secret research and only certain employees have access to this lab. One of the employees on the project team has just been promoted and will be leaving the team to join their new functional area. This team member previously had access to the top-secret lab, but their new role no longer requires this access. Which of the following is not true regarding this question?

A. The operational security policy outlines the process for background checks for
employees.
B. Access to the top-secret
lab is outlined in the physical security policy.
C. The new product has not been registered at the U.S. Patent and Trademark office.
D. The physical security policy should outline the process for revoking access to the
top-secret lab as soon as the employee is transferred to their new role.

Answer 2

C

Question 3

A stranger comes to your door posing as a census taker. They look official in their bright
orange vest and have some type of tag or badge hanging from the vest, but you can’t read what it says. They begin to ask questions that become rather personal, including your household income on an annual basis, your birthdate, your health status, and more. You become suspicious of this person and stop to think through what to do next. Which of the following are true regarding this question?

A. Due to your suspicion of this individual, you are classifying your answers as PII and
refuse to answer.
B. Due to your suspicion of this individual, you are classifying your answers as PHI and
refuse to answer.
C. Due to your suspicion of this individual, you ask to see their badge before you decide to answer.
D. Due to your suspicion of this individual, you are classifying your answers as need-to-
know basis and refuse to answer.
E. All of the answers are true.
F. Options A, B, and D are true.

Answer 3

E

Question 4

You are asked to prepare an estimate for a project that involves planting new trees in the parking lot. The trees cost $800 each, and the labor to install them is $75 per hour. You are planting 10 new trees, and each tree takes one hour of labor to plant, stake, and water. What is the estimated cost of the labor for this project, and which technique are you using to determine this estimate? (Choose two.)

A. $8,000
B. Three-point estimate
C. Bottom-up method
D. $750
E. Analogous method
F. Parametric method
G. $8,750

Answer 4

D, F

Question 5

The total time it will take for one person to complete a task from beginning to end without taking into account holidays, time off, or other project work is known as this.

A. Duration estimate
B. Work effort estimate
C. Bottom-up estimate
D. Parametric estimate

Answer 5

B

Question 6

A discretionary fund used by the project manager to cover the cost of possible adverse events during the project is known as which of the following?

A. Management reserve
B. Chart of accounts
C. Contingency fund
D. Cost baseline

Answer 6

C

Question 7

You are developing a bottom-upcost estimate for the first phase of your project. Which of the following is the most important input to complete this task?

A. Historic data from a similar project
B. Chart of accounts
C. The WBS
D. The scope statement

Answer 7

C

Question 8

What is considered the most accurate estimate?

A. Analogous estimate
B. Bottom-up estimate
C. Estimates based on expert judgment
D. Parametric estimate

Answer 8

B

Question 9

You are asked to present and explain your project cost baseline. All of the following are true except which one?

A. The baseline will be used to track actual spending against the cost estimates.
B. The baseline can be used to predict future project costs.
C. The baseline is calculated and approved by the project manager.
D. The baseline is the total expected cost for the project.

Answer 9

C

Question 10

Your project task is complex, and you decide to use a three-point
estimating technique. Which of the following options determine the three-point
estimate? (Choose three.)

A. Quantity estimate
B. Work package level estimate
C. Materials estimate
D. Pessimistic estimate
E. Resource estimate
F. Rate estimate
G. Optimistic estimate
H. Most likely estimate

Answer 10

D, G, H

Question 11

Which of the following is used in a burn rate calculation?

A. CV
B. Determining spending rates over time
C. CPI
D. AC -PV

Answer 11

C

Question 12

Your project has a potential for a future risk event. The sponsor has told you that the organization cannot sustain the consequences of this risk. You recommend purchasing insurance so that if the risk event occurs, the organization can recoup their expenditures for the impacts of the risk. What risk strategy is this known as?

A. Avoid
B. Mitigate
C. Accept
D. Transfer

Answer 12

D

Question 13

Which technique can be used to help identify risks?

A. SWOT
B. CPI
C. EVM
D. CV

Answer 13

A

Question 14

The risk register typically contains several pieces of information. Which of the following
would you expect to see on a risk register? (Choose three.)

A. Risk owner
B. Description of risk
C. Risk score
D. Cost estimate for response plan
E. Resource costs to track risks
F. Cost estimate of the consequences of the risk

Answer 14

A, B, C

Question 15

You have identified a risk on your project, and the team decides they won’t create a response plan; if the risk happens, they’ll deal with consequences when they occur. This is an example of which risk strategy?

A. Exploit
B. Avoid
C. Mitigate
D. Accept

Answer 15

D

Question 16

The difference between planned expenditures and actual expenditures is known as which of the following?

A. Planned value
B. Variance
C. Expenditure reporting
D. Burn rate

Answer 16

B

Question 17

The clouds are rolling in over the horizon and the wind is picking up. Your outdoor event is about to get rained out. What is this an example of?

A. Risk trigger
B. Risk analysis
C. Risk probability
D. Risk response

Answer 17

A

Question 18

All of the following are strategies for dealing with negative risks, except for which one?

A. Accept
B. Transfer
C. Share
D. Mitigate

Answer 18

C

Question 19

Cost baselines when displayed graphically over time represent which of the following?

A. S curve
B. C curve
C. Evenly distributed expenditures
D. Erratic expenditures

Answer 19

A

Question 20

You are determining the risk score for each of the risks in your risk register. You need which of the following to determine this score? (Choose two.)

A. Risk tolerance levels of the stakeholders
B. Risk owners
C. Probability the risk will occur
D. Contingency reserves
E. Risk trigger scores
F. Impact if the risk occurs

Answer 20

C, F