CIPS L6M7 Dumps - The Sure Way To Pass Exam [Q47-Q62]


L6M7 Exam Questions (Updated 2025) 100% Real Question Answers


CIPS L6M7 Exam Syllabus Topics:

Topic | Details
Topic 1
  • Understand the impact of cyber security on procurement and supply: This part targets Cybersecurity Experts, exploring how cyber threats affect supply chains by compromising sensitive information through vulnerabilities in software or networks. It involves evaluating technologies to secure systems effectively, emphasizing "Secure Data Transmission."
Topic 2
  • Understand the concept of big data in the global supply chain: This section of the exam measures the skills of Supply Chain Managers and covers understanding big data's role in enhancing supply chain operations. It evaluates how big data transforms procurement and supply functions by leveraging large volumes of diverse data, focusing on skills like "Data Trend Analysis."
Topic 3
  • Understand data integrity and its impact on procurement and supply: Targeting IT Security Officers, this section focuses on ensuring that all collected information remains accurate (data integrity) while maintaining confidentiality through legal frameworks like GDPR. It assesses strategies for managing disruptions, such as system redundancy.

 

NEW QUESTION # 47
Fluffy Pillows Ltd has recently expanded its operations and has hired more staff. These staff will work remotely and because of this Fluffy Pillows Ltd is in need of buying and upgrading their IT systems. The CEO of Fluffy Pillows is examining the security of currently held data in preparation for the expansion and has recently completed a document which looks into what data is stored where and what the consequences would be if this data were to be stolen or corrupted. In his research he has found multiple data entries for the same information, which he believes could lead to inaccuracies in data reporting. He is also concerned that the data isn't being stored securely and is unsure whether he should retain some of the confidential personal details on employees who have left the business. He has decided that along with the introduction of new systems it is important that all members of staff at Fluffy Pillows are aware of the responsibilities of storing data correctly and the risks of cyber attacks.
What should the CEO do with his wider team?

  • A. Convert all staff to homeworking arrangements so everyone has equal rights
  • B. Ensure that all new staff members have the correct IT equipment they need before they start
  • C. Ensure all staff members complete basic Cyber Security Training
  • D. Install malware on all their computers

Answer: C

Explanation:
All staff should get Cyber Security Training. This relates to the last sentence in the case study, which talks about ensuring people store data correctly and know about cyber attacks.


NEW QUESTION # 48
Zach is the Head of Procurement at a super secret military base. He does not want anyone outside of the base to know what he is procuring or which suppliers he uses as this information could be critical to national defence. He is aware that cyber criminals may be interested in stealing this information so he has decided to disconnect critical machines and systems from the internet. What is this approach to data security known as?

  • A. Filtering
  • B. Non-repudiation
  • C. Unsyncing
  • D. Air-gapping

Answer: D

Explanation:
This is air-gapping. Air-gapping is when you disconnect from an outside network such as the internet. P.171 Domain: 3.1


NEW QUESTION # 49
A person who enters into another person's computer via illegal means for personal gain, for example to steal data which will benefit them personally, is known as what?

  • A. White swan
  • B. Black-hat hacker
  • C. White-hat hacker
  • D. Black swan

Answer: B

Explanation:
This is a black hat hacker. The colour of hat the hacker wears describes their motivation. Black is bad, white is good and grey means they're hacking on behalf of a government. Black swan is about finding patterns in data that don't exist and came up in an earlier chapter. Black-hat hacking is from p.147. I don't think hackers are obliged to wear hats, it's probably just a metaphor, but I've never met one to ask.
Domain: 3.1


NEW QUESTION # 50
What are the three size characteristics of 'Big Data'? Select THREE.

  • A. Variety
  • B. Verity
  • C. Velocity
  • D. Volume
  • E. Veracity

Answer: A,C,D

Explanation:
The Three Vs of Big Data are:
Volume = Large size
Variety = Different data types (text, images, etc.)
Velocity = The speed at which data is generated


NEW QUESTION # 51
Francis bought a car 4 years ago and is unsure if the company has any data on her. What can Francis do?

  • A. Make a Subject Access Request
  • B. Nothing - the car company does not need to reveal what information it holds about customers
  • C. Make a Freedom of Information Request
  • D. Nothing - the car company will not have data on her as this was 4 years ago

Answer: A

Explanation:
Francis can make a Subject Access Request. This is when you ask a company what data it holds about you. The company must respond within 40 calendar days. A Freedom of Information request is different: this is when a member of the public asks the government to reveal information such as 'how much money have you spent on replacing toilet seats in Parliament?'. P.127 Domain: 2.3


NEW QUESTION # 52
Oliver has recently purchased some USB drives for his team. These are small portable storage devices that can hold data. He has sought assurances from the manufacturer that these are safe to use and do not contain viruses. Which of the following should he receive?

  • A. Evidence of quality assurance testing
  • B. A warranty
  • C. Evidence the packaging has not been tampered with
  • D. A guarantee

Answer: A

Explanation:
The manufacturer should provide evidence that the USB devices have been quality assured prior to purchase. Options A and B are incorrect because these relate to the items being fit for purpose for the next couple of years, rather than ensuring there isn't any virus on them now. Option D is also incorrect because it's possible for viruses to be installed on the device before it's packaged. P.177 Domain: 3.2


NEW QUESTION # 53
What is the role of a Data Controller in an organisation?

  • A. To ensure the organisation is compliant with the law
  • B. To control or restrict access to the data
  • C. To protect the data from anyone who may wish to steal it
  • D. To determine what happens to the data

Answer: D

Explanation:
A Data Controller is responsible for making decisions regarding data management, including where it is stored and how long it is retained. This role is legally recognized. (P.122)


NEW QUESTION # 54
Which of the following is an example of a Black Box problem where Deep Learning could be used?

  • A. The decision of what sentence to give a newly convicted criminal
  • B. Knowing when cakes are correctly baked and need to come out of the oven
  • C. Choosing the correct supplier to award a contract to
  • D. Deciding between transporting cargo by rail or ship

Answer: A

Explanation:
Black Box problems involve input data, but the decision-making process is unknown. Sentencing a criminal involves ethics and morality, which are hard to quantify. (P.38)


NEW QUESTION # 55
IT hacking can take many forms, and it is important for Procurement professionals to be aware of different ways their data can be compromised or stolen through cyber attacks. Which of the following is not a type of cyber attack?

  • A. Man-in-the-middle
  • B. Gooseberry
  • C. Birthday
  • D. Phishing

Answer: B

Explanation:
Gooseberry is not a type of cyber attack. The others (birthday attacks, phishing, and man-in-the-middle) are real cybersecurity threats. Other common attacks include malware, denial of service (DoS), drive-by attacks, password attacks, SQL injection, cross-site scripting, and eavesdropping. (P.146)


NEW QUESTION # 56
Tracy is a logistics manager who is using an algorithm to solve a problem. She needs to work out the shortest travel time between a warehouse and a client's location. She is using past data to help solve the problem. What type of algorithm is she using?

  • A. Divide and conquer
  • B. Brute force
  • C. Simple recursive
  • D. Dynamic programming

Answer: D

Explanation:
This is dynamic programming as it optimizes a problem using past data. Divide and conquer splits the problem into subproblems. Brute force tries all possible solutions until it finds the correct one. Simple recursive is used for repetitive calculations.


NEW QUESTION # 57
Alicia is aware of the dangers of IT hacking and has therefore created a risk assessment to assess how susceptible her business is to this threat. In her risk assessment, she has considered her employees and suppliers. Is this the correct thing to do?

  • A. Yes - a risk assessment will protect Alicia's company from cyber threats
  • B. No - the risk assessment should be completed by a third party
  • C. No - Alicia should also consider risks throughout the supply chain
  • D. Yes - employees are most likely to be targeted by hackers

Answer: C

Explanation:
While it is important to consider employees and suppliers, cybersecurity risks can exist at various points in the supply chain. Alicia needs to assess potential threats at every stage. A risk assessment alone does not protect against threats (Option B is incorrect), and there is no indication that a third party must complete the assessment (Option D). (P.154)


NEW QUESTION # 58
In relation to cyber security, what would be the benefit of a public sector organisation joining a Group Purchasing Organisation (GPO)?

  • A. The GPO can result in cost savings for the organisation due to aggregate spending
  • B. The GPO takes on the burden of checking suppliers' security policies and procedures
  • C. The GPO is a third party who can host data on behalf of members, thus reducing the risk of hacking
  • D. The GPO provides training on cyber security to public sector organisations

Answer: B

Explanation:
A GPO is the same as a Buying Consortium: it's when multiple organisations pool resources and procure together. The GPO/Consortium does the legwork for procurement activities such as vetting suppliers. This is one advantage of using them: they have the expertise to weed out unsuitable suppliers. Option A is a true statement but doesn't relate to cyber security. P.167 Domain: 3.1


NEW QUESTION # 59
Fluffy Pillows Ltd has recently expanded its operations and has hired more staff. These staff will work remotely, and because of this, Fluffy Pillows Ltd is in need of buying and upgrading their IT systems. The CEO of Fluffy Pillows is examining the security of currently held data in preparation for the expansion and has recently completed a document that looks into what data is stored where and what the consequences would be if this data were to be stolen or corrupted. In his research, he has found multiple data entries for the same information, which he believes could lead to inaccuracies in data reporting. He is also concerned that the data isn't being stored securely and is unsure whether he should retain some of the confidential personal details on employees who have left the business. He has decided that along with the introduction of new systems, it is important that all members of staff at Fluffy Pillows are aware of the responsibilities of storing data correctly and the risks of cyber attacks.
How can Fluffy Pillows ensure data is accessible for the new staff members who work from home?

  • A. Portable laptops
  • B. Network Attached Storage
  • C. USB devices
  • D. Cloud storage

Answer: D

Explanation:
Cloud storage is the answer. All the new people will be working in different places, so there needs to be a central place for them to access documents. Physical storage options such as USBs, laptops, and network-attached storage devices wouldn't work.
Domain: Scenario


NEW QUESTION # 60
Which of the following is an International Standard in Security Management Systems?

  • A. ISO 14001
  • B. ISO 20400
  • C. ISO 28000
  • D. ISO 9001

Answer: C

Explanation:
ISO 28000 is an international standard that focuses on supply chain security management, based on the Deming Cycle (Plan, Do, Check, Act). Familiarity with ISO 27001 and ISO 27002 is also recommended. (P.130)


NEW QUESTION # 61
Which of the following approaches to cyber security takes a bottom-up approach to assessing vulnerabilities meticulously item by item?

  • A. elementary approach
  • B. system approach
  • C. technology approach
  • D. component approach

Answer: D

Explanation:
This is the component approach - it looks at each individual component (each part of the IT system) in turn to check it's okay. When a component is not directly controlled by the organisation (e.g. something to do with a supplier) this is called a dependency. The component approach is a bottom-up approach and is the opposite of the top-down approach, which is called the 'system driven approach'. P.179 Domain: 3.2


NEW QUESTION # 62
......
