Free APICS CPIM-8.0 Practice Exam with Questions & Answers | Set: 11

Questions 151

Typically, rough-cut capacity planning (RCCP) in a job shop environment would review which of the following work centers to determine the ability to execute the plan?

Options:
A. Critical work centers only
B. Gateway work centers only
C. Final assembly work centers only
D. All work centers

Questions 152

An organization is considering options to outsource their Information Technology (IT) operations. Although they do not sell anything on the Internet, they have a strong requirement in uptime of their application. After evaluating the offerings received by the Cloud Service Provider (CSP), the IT manager decided it was mandatory to develop processes to continue operations without access to community or public cloud-based applications. Which of the following arguments MOST likely led the IT manager to make this decision?

Options:
A. Circumstances may force a cloud provider to discontinue operations
B. Most cloud service offerings are unique to each provider and may not be easily portable
C. Integrity and confidentiality are not ensured properly on most cloud service offerings
D. The need to develop alternative hosting strategies for applications deployed to the cloud

Questions 153

As a result of a fault at a cloud service provider’s data center, the customer accounts of a utility organization were corrupted. Under the European Union’s (EU) General Data Protection Regulation (GDPR), which entity bears responsibility for resolving this?

Options:
A. Data steward
B. Data processor
C. Data controller
D. Data custodian

Questions 154

An organization is preparing for a natural disaster, and management is creating a Disaster Recovery Plan (DRP). What is the BEST input for prioritizing the restoration of vital Information Technology (IT) services?

Options:
A. By priority as defined by the critical assets list
B. The latest Continuity Of Operations Plan (COOP)
C. Senior management assessment and approval
D. The latest Business Impact Analysis (BIA)

Questions 155

The Cloud Security Alliance (CSA) publishes the Egregious Eleven, a list of common threats to organizations using cloud services. According to the CSA Egregious Eleven, which of the following cases falls under the category of misconfiguration and inadequate change control?

Options:
A. Having a public-facing website with Hypertext Markup Language (HTML) encoding enabled.
B. Exposure of data stored in cloud repositories.
C. Username and password are sent using a POST in plain text.
D. Unsecured data storage elements or storage containers.

Questions 156

Which of the following BEST describes web service security conformance testing as it relates to web services security testing?

Options:
A. Generally includes threat modeling, requirements risk analysis, and security modeling
B. Focused on ensuring that the security functionality performed by a web service meets its stated requirements
C. Ensure individual protocol implementations adhere to the relevant published standards
D. Focused on the smallest unit of the web service application, apart from the rest of the application

Questions 157

If an organization wanted to protect its data against loss of confidentiality in transit, which type of encryption is BEST?

Options:
A. Symmetric cryptography
B. Public Key Infrastructure (PKI) with asymmetric keys
C. Password encryption using hashing (with salt and pepper)
D. Message Authentication Code (MAC) using hashing

Questions 158

An agency has the requirement to establish a direct data connection with another organization for the purpose of exchanging data between the agency and organization systems. There is a requirement for a formal agreement between the agency and organization. Which source of standards can the system owners use to define the roles and responsibilities along with details for the technical and security requirements?

Options:
A. International Organization For Standardization (ISO)
B. European Committee for Electrotechnical Standardization
C. Caribbean Community Regional Organization for Standards and Quality
D. Institute of Electrical and Electronics Engineers (IEEE)

Questions 159

An organization has recently been hacked. To prevent future breaches, the Chief Information Security Officer (CISO) hires a third-party vendor to perform penetration testing on the network. Once complete, the vendor provides to the CISO a final report generated by a high-quality vulnerability scanner. The CISO rejects the report as incomplete.

Why is the vendor's penetration test considered incomplete?

Options:
A. The vendor should have attempted to exploit the identified vulnerabilities.
B. The vendor should also provide a guide to remediate the identified vulnerabilities.
C. The vendor should have provided a risk report of vulnerabilities found.
D. The vendor should have worked closely with network engineers to understand the network infrastructure better.

Questions 160

An organization has network services in a data center that are provisioned only for internal use, and staff at offices and staff working from home both use the services to store sensitive customer data. The organization does not want the Internet Protocol (IP) address of the service to receive traffic from users not related to the organization. Which technology is MOST useful to the organization in protecting this network?

Options:
A. Intrusion Detection System (IDS)
B. Domain Name System (DNS)
C. Network Address Translation (NAT)
D. Virtual Private Network (VPN)

Questions 161

An organization is opening a new data center and is looking for a facilities security officer to provide best practices for the site and facility design. The two major requirements for this organization are not to attract undue attention and avoid proximity to potentially hazardous sites.

What site selection considerations do these requirements BEST fall under when deciding on the location for a facility?

Options:
A. Visibility and natural disasters
B. Visibility and locale
C. Visibility and hazardous sites
D. Visibility and transportation

Questions 162

An organization is preparing to deploy Multi-Factor Authentication (MFA) to its workforce. The primary concerns of the organization are cost and security. The organization realizes that their entire workforce has computers and smartphones. Which of the following is BEST suited to address the organization's concerns?

Options:
A. Soft token
B. Short Message Service (SMS)
C. Personal Identification Number (PIN) code
D. Hard token

Questions 163

An organization decides to conduct penetration testing. Senior management is concerned about the potential loss of information through data exfiltration. The organization is currently preparing a major product launch that is time-sensitive. Which of the following methods of testing is MOST appropriate?

Options:
A. Gray box
B. Green box
C. Black box
D. White box

Questions 164

An organization routes traffic between two of its sites using non-revenue network paths provided by peers on an Internet exchange point. What is the MOST appropriate recommendation the organization's security staff can make to prevent a compromise?

Options:
A. Cease routing traffic over the Internet exchange point and use the transit provider exclusively.
B. Ask the peers who route the traffic to sign a Non-Disclosure Agreement (NDA).
C. Use Internet Protocol Security (IPsec) between the border gateways at either site.
D. Nothing needs to be done because applications are already required to encrypt and authenticate network traffic.

Questions 165

An organization’s computer incident response team PRIMARILY responds to which type of control?

Options:
A. Administrative
B. Detective
C. Corrective
D. Preventative
