M12 Practice Quiz

#asset_management #change_management

Question 1

  1. Jane, a business development manager at Dion Training, is working on finalizing an order for 50 courses and exam vouchers by one of the company’s larger clients. This order would have an approximate cost of $25,000 and will be delivered to the company within the next 30 days. Which of the following should she expect to receive from the client to pay for these courses and exam vouchers?

    Options:

    • Personal credit card
    • Purchase order
    • Company credit card
    • Individual purchase for reimbursement

    Overall explanation:

    • A purchase order is a formal document issued by the purchasing department authorizing a specific purchase. It is often used for larger, more expensive purchases.
    • A company credit card is typically used for minor purchases that must be made quickly.
    • An individual purchase involves an employee making a purchase on behalf of the company and then seeking reimbursement from the employer.
    • A personal credit card is not a standard procurement option in most organizations for official purchases.

    Tags: Acquisition and Procurement

Question 2

  1. David, an IT manager at Dion Training, wants to deploy mobile devices to employees while maintaining a high level of control and standardization, but also wants to give employees some choice in the type of device they use. Which of the following deployment models should he choose?

    Options:

    • BYOD
    • COBO
    • CYOD
    • COPE

    Overall explanation:

    • CYOD (Choose Your Own Device) operates as a middle ground between BYOD and COPE, allowing employees to select their device from a list of company-approved options. This provides employees with a sense of choice while still allowing the organization to maintain control and standardization.
    • BYOD (Bring Your Own Device) allows employees to use their personal devices which gives them more personal freedom, but can be a security challenge.
    • COPE (Company Owned Personally Enabled) provides devices to employees for both personal and work use, giving the company the most control, but may not give employees the choice they desire.
    • COBO (Company Owned Business Only) provides devices to employees that can only be used for work purposes, and this gives the company the most control and provides the least amount of freedom to the employee.

    Tags: Mobile Asset Deployments

Question 3

  1. Julia, a Data Security Analyst at Dion Training, wants to ensure that data on an old hard drive is made inaccessible and irretrievable, while still allowing the device to be reused. Which of the following should she use to accomplish this?

    Options:

    • Physical Destruction
    • Cryptographic Erase
    • Overwriting
    • Degaussing

    Overall explanation:

    • Cryptographic Erase leverages encryption technologies for data sanitization. Data is initially stored encrypted, and during the cryptographic erase process, the encryption keys are deliberately destroyed or deleted, rendering the data unreadable. However, since the actual data isn't erased, and the device can still be reused.
    • Degaussing involves using a strong magnetic field to disrupt the magnetic domains on storage devices, rendering the data unreadable and the device unusable.
    • Overwriting data multiple times involves replacing the existing data on a storage device with random bits to obscure the original data, but doesn't involve encryption.
    • Physical Destruction ensures the device itself is beyond recovery or reuse.

    Tags: Asset Disposal and Decommissioning

Question 4

  1. Maria, a Change Manager at Dion Training, wants to evaluate the consequences of a proposed change before she provides her approval. Which of the following should she utilize to accomplish this?

    Options:

    • Backout Plan
    • Impact Analysis
    • Maintenance Window
    • Vision for the change

    Overall explanation:

    • Before setting the wheels of change in motion on any proposed change, organizations must understand the potential fallout. This involves predicting the potential outcomes, understanding the possible challenges, and determining the immediate effects on the organization. Impact Analysis helps in answering these questions to ensure that the organization is prepared for the proposed change and can maximize its benefits.
    • A backout plan is a pre-determined strategy to revert systems back to their original state if a change doesn't go as planned. It acts as a safety net ensuring that operations can quickly return to normalcy in the event of complications during the change's implementation.
    • A maintenance window is a specific timeframe set aside by organizations to make system adjustments and changes to ensure that potential disruptions are minimized and, if issues arise, the impact on the organization's daily operations is reduced.
    • The vision for the change defines the desired future state, explains the reasons for the change, and provides a picture of what success looks like. The vision serves as a direction for the change, ensuring alignment across the organization.

    Tags: Change Management

Question 5

  1. Fahad, a Network Administrator at Dion Training, is proposing to implement a new critical security patch for the company's main server during an upcoming scheduled maintenance window to patch a security vulnerability in the print spooler. The print server involved in this change is actively used by employees throughout the company and the change must be validated after being implemented to ensure that the security patch was correctly applied. Which of the following technical implications would be most important for him to consider before the change is scheduled and approved for implementation?

    Options:

    • Service restarts
    • Downtime
    • Dependencies
    • Allow or deny lists

    Overall explanation:

    • Many proposed changes, such as installing a critical security patch, require services or applications to be restarted for the change to take effect. These service restarts can be disruptive, especially when applied to servers actively used by users. The restart process might also result in potential data loss in transit or the buildup of a backlog during the downtime. Therefore, knowing if any service restarts are involved in implementing the change is the first thing Fahad should consider.
    • Allow or deny lists are used by routers and firewalls to control which entities can or cannot access certain resources. A change might require modifications to these lists, especially when adding or removing an IP address or upgrading a firewall.
    • Any proposed change can risk causing downtime to systems that could, in turn, impact users or customers.
    • Modern systems are also interconnected, which creates dependencies. A change in one area might affect other parts of the system or network due to these dependencies. Before implementing a change, it's crucial to map out and understand these dependencies.

    Tags: Technical Implications of Changes