CompTIA A+ Certification validates the latest skills needed by today’s computer support professionals. CompTIA A+ confirms a technician's ability to perform tasks such as installation, configuration, diagnosing, preventive maintenance and basic networking. and more at http://certkingdom.com
ISACA’s Certified in Risk and Information Systems Control (CRISC)
certification indicates expertise in identifying and managing enterprise IT risk
and implementing and maintaining information systems controls. Gain instant
recognition and credibility with CRISC and boost your career!
THE CRISC DIFFERENCE Whether you are seeking a new career opportunity or striving to grow within
your current organization, a CRISC certification proves your expertise in these
work-related domains
PREPARE FOR THE EXAM Set yourself up to succeed on exam day. Whether you prefer to prep on your
own time or want the additional guidance and interaction that comes with live
instruction, we have the right CRISC test prep solutions for you.
Course Description The CRISC Online Review Course is an online preparation course that prepares
learners to pass the CRISC certification exam using proven instructional design
techniques and interactive activities.The course covers all four of the CRISC
domains, and each section corresponds directly to the CRISC job practice.
The course incorporates video, interactive eLearning modules, downloadable,
interactive workbooks, downloadable job aids, case study activities, and pre-and
post-course assessments. Learners will be able to navigate the course at their
own pace, following a recommended structure, or target preferred job practice
areas. Learners may also start and stop the course based on their study
schedule, picking up exactly where they left off the next time they access the
course.
Learning Objectives:
At the completion of this course you will be able to: Identify the IT risk management strategy in support of business objectives
and alignment with the Enterprise Risk Management (ERM) strategy.
Analyze and evaluate IT risk to determine the likelihood and impact on business
objectives to enable risk-based decision making.
Determine risk response options and evaluate their efficiency and effectiveness
to manage risk in alignment with business objectives.
Continuously monitor and report on IT risk and controls to relevant stakeholders
to ensure the continued efficiency and effectiveness of the IT risk management
strategy and its alignment with business objectives.
Included Materials: Video
Interactive Content
Downloadable workbooks and job aids
Case study activities
Practice exam
Ideal For: Professionals preparing to become CRISC certified
Risk practitioners
Students or recent graduates
Cancellation/Refund Policy
All purchases of online learning courses are final. Access to the online
learning courses and materials is immediate upon purchasing; therefore no
refunds or exchanges will be provided. Prices subject to change without notice.
Enterprise Training Online review courses are also available for purchase through our enterprise
sales team for larger organizations. Visit the Enterprise Training page and
reach out to an associate for more information.
QUESTION 1 Which of the following is the MOST important reason to maintain key risk
indicators (KRIs)?
A. In order to avoid risk
B. Complex metrics require fine-tuning
C. Risk reports need to be timely
D. Threats and vulnerabilities change over time
Correct Answer: D
Explanation:
Threats and vulnerabilities change over time and KRI maintenance ensures that
KRIs continue to effectively
capture these changes.
The risk environment is highly dynamic as the enterprise's internal and external
environments are constantly
changing. Therefore, the set of KRIs needs to be changed over time, so that they
can capture the changes in
threat and vulnerability.
Incorrect Answers:
A: Risk avoidance is one possible risk response. Risk responses are based on KRI
reporting, but is not the
reason for maintenance of KRIs.
B: While most key risk indicator (KRI) metrics need to be optimized in respect
to their sensitivity, the most
important objective of KRI maintenance is to ensure that KRIs continue to
effectively capture the changes in
threats and vulnerabilities over time. Hence the most important reason is that
because of change of threat and
vulnerability overtime.
C: Risk reporting timeliness is a business requirement, but is not a reason for
KRI maintenance.
QUESTION 2 You are the project manager of a HGT project that has recently finished the
final compilation process. The
project customer has signed off on the project completion and you have to do few
administrative closure
activities. In the project, there were several large risks that could have
wrecked the project but you and your
project team found some new methods to resolve the risks without affecting the
project costs or project
completion date. What should you do with the risk responses that you have
identified during the project's
monitoring and controlling process?
A. Include the responses in the project management plan.
B. Include the risk responses in the risk management plan.
C. Include the risk responses in the organization's lessons learned database.
D. Nothing. The risk responses are included in the project's risk register
already.
Correct Answer: C
Explanation:
The risk responses that do not exist up till then, should be included in the
organization's lessons learned
database so other project managers can use these responses in their project if
relevant.
Incorrect Answers:
A: The responses are not in the project management plan, but in the risk
response plan during the project and
they'll be entered into the organization's lessons learned database.
B: The risk responses are included in the risk response plan, but after
completing the project, they should be
entered into the organization's lessons learned database.
D: If the new responses that were identified is only included in the project's
risk register then it may not be
shared with project managers working on some other project.
QUESTION 3 You are the project manager of GHT project. You have identified a risk event
on your project that could save
$100,000 in project costs if it occurs. Which of the following statements BEST
describes this risk event?
A. This risk event should be mitigated to take advantage of the savings.
B. This is a risk event that should be accepted because the rewards outweigh the
threat to the project.
C. This risk event should be avoided to take full advantage of the potential
savings.
D. This risk event is an opportunity to the project and should be exploited.
Correct Answer: D
Explanation:
This risk event has the potential to save money on project costs, so it is an
opportunity, and the appropriate
strategy to use in this case is the exploit strategy. The exploit response is
one of the strategies to negate risks
or threats appear in a project. This strategy may be selected for risks with
positive impacts where the
organization wishes to ensure that the opportunity is realized. Exploiting a
risk event provides opportunities for
positive impact on a project. Assigning more talented resources to the project
to reduce the time to completion
is an example of exploit response.
Incorrect Answers:
A, C: Mitigation and avoidance risk response is used in case of negative risk
events, and not in positive risk
events. Here in this scenario, as it is stated that the event could save
$100,000, hence it is a positive risk
event. Therefore should not be mitigated or avoided.
B: To accept risk means that no action is taken relative to a particular risk;
loss is accepted if it occurs. But as
this risk event bring an opportunity, it should me exploited and not accepted.
QUESTION 4 You are the project manager of a large construction project. This project
will last for 18 months and will cost
$750,000 to complete. You are working with your project team, experts, and
stakeholders to identify risks
within the project before the project work begins. Management wants to know why
you have scheduled so
many risk identification meetings throughout the project rather than just
initially during the project planning.
What is the best reason for the duplicate risk identification sessions?
A. The iterative meetings allow all stakeholders to participate in the risk
identification processes throughout the project phases.
B. The iterative meetings allow the project manager to discuss the risk events
which have passed the project and which did not happen.
C. The iterative meetings allow the project manager and the risk identification
participants to identify newly discovered risk events throughout the project.
D. The iterative meetings allow the project manager to communicate pending risks
events during project execution.
Correct Answer: C
Explanation:
Risk identification is an iterative process because new risks may evolve or
become known as the project progresses through its life cycle.
Incorrect Answers:
A: Stakeholders are encouraged to participate in the risk identification
process, but this is not the best choice.
B: Risk identification focuses on discovering new risk events, not the events
which did not happen.
D: The primary reason for iterations of risk identification is to identify new
risk events.
QUESTION 5 You are the risk official in Bluewell Inc. You are supposed to prioritize
several risks. A risk has a rating for
occurrence, severity, and detection as 4, 5, and 6, respectively. What Risk
Priority Number (RPN) you would give to it?
A. 120
B. 100
C. 15
D. 30
Correct Answer: A
Explanation:
Steps involving in calculating risk priority number are as follows:
Identify potential failure effects
Identify potential causes
Establish links between each identified potential cause
Identify potential failure modes
Assess severity, occurrence and detection
Perform score assessments by using a scale of 1 -10 (low to high rating) to
score these assessments.
Compute the RPN for a particular failure mode as Severity multiplied by
occurrence and detection.
RPN = Severity * Occurrence * Detection
Hence,
RPN = 4 * 5 * 6
= 120
Incorrect Answers:
B, C, D: These are not RPN for given values of severity, occurrence, and
detection.
QUESTION 6
Which of the following is the MOST important use of KRIs?
A. Providing a backward-looking view on risk events that have occurred
B. Providing an early warning signal
C. Providing an indication of the enterprise's risk appetite and tolerance
D. Enabling the documentation and analysis of trends
Correct Answer: B
Explanation:
Key Risk Indicators are the prime monitoring indicators of the enterprise. KRIs
are highly relevant and possess
a high probability of predicting or indicating important risk. KRIs help in
avoiding excessively large number of
risk indicators to manage and report that a large enterprise may have.
As KRIs are the indicators of risk, hence its most important function is to
effectively give an early warning
signal that a high risk is emerging to enable management to take proactive
action before the risk actually
becomes a loss.
Incorrect Answers:
A: This is one of the important functions of KRIs which can help management to
improve but is not as
important as giving early warning.
C: KRIs provide an indication of the enterprise's risk appetite and tolerance
through metric setting, but this is
not as important as giving early warning.
D: This is not as important as giving early warning. Click here to
view complete Q&A of Isaca CRISC exam
Certkingdom Review,
Certkingdom PDF Best Isaca CRISC
Certification, Isaca CRISC
Training at certkingdom.com
Prove Your Scrum Knowledge and Get Certified The Professional Scrum MasterTM level I (PSM I) assessment is available to
anyone who wishes to validate his or her depth of knowledge of the PictureScrum
framework and its application. Those who pass the assessment will receive the
industry recognized PSM I Certification to demonstrate their fundamental level
of Scrum mastery.
Taking a course is not required and if you feel that you already possess a high
level of Scrum knowledge, understanding of the Scrum Guide and how to apply
Scrum within Scrum Teams, you have the option to take the PSM I assessment
directly. However, there are courses available to help you prepare for the
assessment and gain a stronger understanding of Scrum. Depending on your role,
either the 2-day Professional Scrum Foundations or Professional Scrum Master
course is highly recommended.
Prepare for the Assessment The assessment is difficult; preparation is required to achieve a passing
score. Reading the Scrum Guide and taking the Open Assessments alone isn't
typically enough preparation and we recommend reviewing the content below:
The assessment covers topics from multiple Focus Areas defined by the
Professional Scrum Competencies.
Many questions ask you to think about or interpret the meaning from the Scrum
Guide and how you would apply Scrum within a Scrum Team.
The PSM I Suggested Reading lists the Focus Areas from which questions may be
selected during the assessment.
The Scrum Master Learning Path contains many additional resources to help you
prepare to take the PSM I Assessment.
Search the list of existing Professional Scrum certification holders here or see
a breakdown on how many people hold certifications.
To protect the integrity of the certification process, Scrum.org does not share
information about the specific questions that were answered correctly or
incorrectly. Learn More
The cost of PSM I is $150 USD. Assessment passwords are valid for one attempt,
do not expire and remain valid until used. See below for more details.
Details Fee: $150 USD per attempt
Passing score: 85%
Time limit: 60 minutes
Number of Questions: 80
Format: Multiple Choice, Multiple Answer and True/False
Difficulty: Intermediate
Language: English only
Scrum Resources
Required course: None
Recommended courses: Professional Scrum Foundations or Professional Scrum Master
PSM Subject Areas
Practice Assessment: Scrum Open
Ways to Learn More to help you prepare
Passwords have no expiration date, but are valid for one attempt only
When you purchase a password, it is set up in our system and emailed to you
within one business day. All Students in a PSM or PSF course are emailed a
password upon completion of the course (typically within 3-5 business days).**
Certification If you pass the PSM I assessment you will receive the industry-recognized "PSM
I" certification, along with a PSM I logo that you can use to identify your
achievement. In addition, your name will be posted publicly for colleagues,
managers, and potential employers to see.
Unlike other Scrum certifications that require only class attendance, Scrum.org
certification requires a minimum score on an online assessment. Attending a
course is neither required nor sufficient for certification. This gives
Scrum.org certification teeth and ensures that it has true value in the
marketplace.
Search the list of Professional Scrum Certificate Holders
QUESTION 1
When many Scrum Teams are working on the same product, should all of their
increments be integrated every Sprint?
A. Yes, but only for Scrum Teams whose work has dependencies.
B. Yes, otherwise the Product Owners (and stakeholders) may not be able to
accurately inspect what is done.
C. No, each Scrum Team stands alone.
D. No, that is far too hard and must be done in a hardening Sprint.
Correct Answer: B
QUESTION 2 When can a Development Team cancel a Sprint?
A. It can’t. Only Product Owners can cancel Sprints.
B. When functional expectations are not well understood.
C. When the Product Owner is absent too often.
D. When the selected Product Backlog items for the Sprint become unachievable.
E. When a technical dependency cannot be resolved.
Correct Answer: A
QUESTION 3 Which output from Sprint Planning provides the Development Team with a
target and overarching direction for the Sprint?
A. The Sprint Backlog.
B. The Sprint Goal
C. The release plan.
D. Sprint Review minutes.
Correct Answer: B
QUESTION 4 How should a Development Team deal with non-functional requirements?
A. Ensure every Increment meets them.
B. Make sure the release department understands these requirements, but it is
not the Development Team’s responsibility.
C. Handle them during the Integration Sprint preceding the Release Sprint.
D. Assign them to the lead developers on the team.
Correct Answer: A
QUESTION 5
When is a Sprint over?
A. When the Product Owner says it is done.
B. When all Product Backlog items meet their definition of “Done”.
C. When all the tasks are completed.
D. When the time-box expires.
Regression and Modeling Designed for SAS professionals who use SAS/STAT® software to conduct and
interpret complex statistical data analysis
Successful candidates should have experience in:
Analysis of variance.
Linear and logistic regression.
Preparing inputs for predictive models.
Measuring model performance.
ANOVA - 10% Verify the assumptions of ANOVA
Analyze differences between population means using the GLM and TTEST procedures
Perform ANOVA post hoc test to evaluate treatment effect
Detect and analyze interactions between factors
Linear Regression - 20% Fit a multiple linear regression model using the REG and GLM procedures
Analyze the output of the REG, PLM, and GLM procedures for multiple linear
regression models
Use the REG or GLMSELECT procedure to perform model selection
Assess the validity of a given regression model through the use of diagnostic
and residual analysis
Logistic Regression - 25% Perform logistic regression with the LOGISTIC procedure
Optimize model performance through input selection
Interpret the output of the LOGISTIC procedure
Score new data sets using the LOGISTIC and PLM procedures
Prepare Inputs for Predictive Model Performance - 20% Identify the potential challenges when preparing input data for a model
Use the DATA step to manipulate data with loops, arrays, conditional statements
and functions
Improve the predictive power of categorical inputs
Screen variables for irrelevance and non-linear association using the CORR
procedure
Screen variables for non-linearity using empirical logit plots
Measure Model Performance - 25% Apply the principles of honest assessment to model performance measurement
Assess classifier performance using the confusion matrix
Model selection and validation using training and validation data
Create and interpret graphs (ROC, lift, and gains charts) for model comparison
and selection
Establish effective decision cut-off values for scoring
ANOVA - 10% Verify the assumptions of ANOVA
Explain the central limit theorem and when it must be applied
Examine the distribution of continuous variables (histogram, box-whisker, Q-Q
plots)
Describe the effect of skewness on the normal distribution
Define H0, H1, Type I/II error, statistical power, p-value
Describe the effect of sample size on p-value and power
Interpret the results of hypothesis testing
Interpret histograms and normal probability charts
Draw conclusions about your data from histogram, box-whisker, and Q-Q plots
Identify the kinds of problems may be present in the data: (biased sample,
outliers, extreme values)
For a given experiment, verify that the observations are independent
For a given experiment, verify the errors are normally distributed
Use the UNIVARIATE procedure to examine residuals
For a given experiment, verify all groups have equal response variance
Use the HOVTEST option of MEANS statement in PROC GLM to asses response
variance
Analyze differences between population means using the GLM and TTEST
procedures Use the GLM Procedure to perform ANOVA
o CLASS statement
o MODEL statement
o MEANS statement
o OUTPUT statement
Evaluate the null hypothesis using the output of the GLM procedure
Interpret the statistical output of the GLM procedure (variance derived from
MSE, F value, p-value R**2, Levene's test)
Interpret the graphical output of the GLM procedure
Use the TTEST Procedure to compare means
Perform ANOVA post hoc test to evaluate treatment effect Use the LSMEANS statement in the GLM or PLM procedure to perform pairwise
comparisons
Use PDIFF option of LSMEANS statement
Use ADJUST option of the LSMEANS statement (TUKEY and DUNNETT)
Interpret diffograms to evaluate pairwise comparisons
Interpret control plots to evaluate pairwise comparisons
Compare/Contrast use of pairwise T-Tests, Tukey and Dunnett comparison methods
Detect and analyze interactions between factors Use the GLM procedure to produce reports that will help determine the
significance of the interaction between factors. MODEL statement
LSMEANS with SLICE=option (Also using PROC PLM)
ODS SELECT
Interpret the output of the GLM procedure to identify interaction between
factors: p-value
F Value
R Squared
TYPE I SS
TYPE III SS
Linear Regression - 20%
Fit a multiple linear regression model using the REG and GLM procedures
Use the REG procedure to fit a multiple linear regression model
Use the GLM procedure to fit a multiple linear regression model
Analyze the output of the REG, PLM, and GLM procedures for multiple linear
regression models
Interpret REG or GLM procedure output for a multiple linear regression model:
convert models to algebraic expressions
Convert models to algebraic expressions
Identify missing degrees of freedom
Identify variance due to model/error, and total variance
Calculate a missing F value
Identify variable with largest impact to model
For output from two models, identify which model is better
Identify how much of the variation in the dependent variable is explained by
the model
Conclusions that can be drawn from REG, GLM, or PLM output: (about H0, model
quality, graphics)
Use the REG or GLMSELECT procedure to perform model selection Use the SELECTION option of the model statement in the GLMSELECT procedure
Compare the different model selection methods (STEPWISE, FORWARD, BACKWARD)
Enable ODS graphics to display graphs from the REG or GLMSELECT procedure
Identify best models by examining the graphical output (fit criterion from the
REG or GLMSELECT procedure)
Assign names to models in the REG procedure (multiple model statements)
Assess the validity of a given regression model through the use of diagnostic
and residual analysis Explain the assumptions for linear regression
From a set of residuals plots, asses which assumption about the error terms
has been violated
Use REG procedure MODEL statement options to identify influential observations
(Student Residuals, Cook's D, DFFITS, DFBETAS)
Explain options for handling influential observations
Identify collinearity problems by examining REG procedure output
Use MODEL statement options to diagnose collinearity problems (VIF, COLLIN,
COLLINOINT)
Logistic Regression - 25% Perform logistic regression with the LOGISTIC procedure
Identify experiments that require analysis via logistic regression
Identify logistic regression assumptions
logistic regression concepts (log odds, logit transformation, sigmoidal
relationship between p and X)
Use the LOGISTIC procedure to fit a binary logistic regression model (MODEL
and CLASS statements)
Optimize model performance through input selection Use the LOGISTIC procedure to fit a multiple logistic regression model
LOGISTIC procedure SELECTION=SCORE option
Perform Model Selection (STEPWISE, FORWARD, BACKWARD) within the LOGISTIC
procedure
Interpret the output of the LOGISTIC procedure Interpret the output from the LOGISTIC procedure for binary logistic
regression models: Model Convergence section
Testing Global Null Hypothesis table
Type 3 Analysis of Effects table
Analysis of Maximum Likelihood Estimates table
Association of Predicted Probabilities and Observed Responses
Score new data sets using the LOGISTIC and PLM procedures Use the SCORE statement in the PLM procedure to score new cases
Use the CODE statement in PROC LOGISTIC to score new data
Describe when you would use the SCORE statement vs the CODE statement in PROC
LOGISTIC
Use the INMODEL/OUTMODEL options in PROC LOGISTIC
Explain how to score new data when you have developed a model from a biased
sample
Prepare Inputs for Predictive Model Performance - 20%
Identify the potential challenges when preparing input data for a model
Identify problems that missing values can cause in creating predictive models
and scoring new data sets
Identify limitations of Complete Case Analysis
Explain problems caused by categorical variables with numerous levels
Discuss the problem of redundant variables
Discuss the problem of irrelevant and redundant variables
Discuss the non-linearities and the problems they create in predictive models
Discuss outliers and the problems they create in predictive models
Describe quasi-complete separation
Discuss the effect of interactions
Determine when it is necessary to oversample data
Use the DATA step to manipulate data with loops, arrays, conditional statements
and functions
Use ARRAYs to create missing indicators
Use ARRAYS, LOOP, IF, and explicit OUTPUT statements
Improve the predictive power of categorical inputs
Reduce the number of levels of a categorical variable
Explain thresholding
Explain Greenacre's method
Cluster the levels of a categorical variable via Greenacre's method using the
CLUSTER procedure
o METHOD=WARD option
o FREQ, VAR, ID statement
o Use of ODS output to create an output data set
Convert categorical variables to continuous using smooth weight of evidence
Screen variables for irrelevance and non-linear association using the CORR
procedure
Explain how Hoeffding's D and Spearman statistics can be used to find
irrelevant variables and non-linear associations
Produce Spearman and Hoeffding's D statistic using the CORR procedure (VAR,
WITH statement)
Interpret a scatter plot of Hoeffding's D and Spearman statistic to identify
irrelevant variables and non-linear associations
Screen variables for non-linearity using empirical logit plots
Use the RANK procedure to bin continuous input variables (GROUPS=, OUT=
option; VAR, RANK statements)
Interpret RANK procedure output
Use the MEANS procedure to calculate the sum and means for the target cases
and total events (NWAY option; CLASS, VAR, OUTPUT statements)
Create empirical logit plots with the SGPLOT procedure
Interpret empirical logit plots
Measure Model Performance - 25% Apply the principles of honest assessment to model performance measurement
Explain techniques to honestly assess classifier performance
Explain overfitting
Explain differences between validation and test data
Identify the impact of performing data preparation before data is split
Assess classifier performance using the confusion matrix
Explain the confusion matrix
Define: Accuracy, Error Rate, Sensitivity, Specificity, PV+, PV-
Explain the effect of oversampling on the confusion matrix
Adjust the confusion matrix for oversampling
Model selection and validation using training and validation data
Divide data into training and validation data sets using the SURVEYSELECT
procedure
Discuss the subset selection methods available in PROC LOGISTIC
Discuss methods to determine interactions (forward selection, with bar and @
notation)
Create interaction plot with the results from PROC LOGISTIC
Select the model with fit statistics (BIC, AIC, KS, Brier score)
Create and interpret graphs (ROC, lift, and gains charts) for model comparison
and selection
Explain and interpret charts (ROC, Lift, Gains)
Create a ROC curve (OUTROC option of the SCORE statement in the LOGISTIC
procedure)
Use the ROC and ROCCONTRAST statements to create an overlay plot of ROC curves
for two or more models
Explain the concept of depth as it relates to the gains chart
Establish effective decision cut-off values for scoring
Illustrate a decision rule that maximizes the expected profit
Explain the profit matrix and how to use it to estimate the profit per scored
customer
Calculate decision cutoffs using Bayes rule, given a profit matrix
Determine optimum cutoff values from profit plots
Given a profit matrix, and model results, determine the model with the highest
average profit
Note: All 22 main objectives will be tested on every exam. The 126 expanded
objectives are provided for additional explanation and define the entire domain
that could be tested.
QUESTION 1 When mean imputation is performed on data after the data is partitioned for
honest assessment, what is the most appropriate method for handling the mean
imputation?
A. The sample means from the validation data set are applied to the training and
test data sets.
B. The sample means from the training data set are applied to the validation and
test data sets.
C. The sample means from the test data set are applied to the training and
validation data sets.
D. The sample means from each partition of the data are applied to their own
partition.
Correct Answer: B
QUESTION 2 An analyst generates a model using the LOGISTIC procedure. They are now
interested in getting the
sensitivity and specificity statistics on a validation data set for a variety of
cutoff values.
Which statement and option combination will generate these statistics?
A. Score data=valid1 out=roc;
B. Score data=valid1 outroc=roc;
C. mode1 resp(event= '1') = gender region/outroc=roc;
D. mode1 resp(event"1") = gender region/ out=roc;
Correct Answer: B
QUESTION 3 In partitioning data for model assessment, which sampling methods are
acceptable? (Choose two.)
A. Simple random sampling without replacement
B. Simple random sampling with replacement
C. Stratified random sampling without replacement
D. Sequential random sampling with replacement
Correct Answer: AC
QUESTION 4 An analyst has a sufficient volume of data to perform a 3-way partition of
the data into training, validation, and test sets to perform honest assessment
during the model building process.
What is the purpose of the training data set?
A. To provide an unbiased measure of assessment for the final model.
B. To compare models and select and fine-tune the final model.
C. To reduce total sample size to make computations more efficient.
D. To build the predictive models.
Correct Answer: A
QUESTION 5 The total modeling data has been split into training, validation, and test
data. What is the best data to use for model assessment?
A. Training data
B. Total data
C. Test data
D. Validation data
If you’re experienced using agile approaches, have good collaboration skills,
eagerly embrace complexity and thrive on rapid response times, then your talents
are in demand.
The PMI Agile Certified Practitioner (PMI-ACP)® formally recognizes your
knowledge of agile principles and your skill with agile techniques. It will make
you shine even brighter to your employers, stakeholders and peers.
The PMI-ACP® is our fastest growing certification, and it’s no wonder.
Organizations that are highly agile and responsive to market dynamics complete
more of their projects successfully than their slower-moving counterparts — 75
percent versus 56 percent — as shown in our 2015 Pulse of the Profession®
report.
The PMI-ACP spans many approaches to agile such as Scrum, Kanban, Lean, extreme
programming (XP) and test-driven development (TDD.) So it will increase your
versatility, wherever your projects may take you.
Take the PMI-ACP Exam Online Through an online proctor, you have the option to take the PMI-ACP exam from
home or your office—a great option to fit your busy lifestyle.
Who Should Apply? If you work on agile teams or if your organization is adopting agile
practices, the PMI-ACP is a good choice for you. Compared with other agile
certifications based solely on training and exams, the PMI-ACP is evidence of
your real-world, hands-on experience and skill.
Gain and Maintain Your PMI-ACP The certification exam has 120 multiple-choice questions and you have three
hours to complete it.
To maintain your PMI-ACP, you must earn 30 professional development units (PDUs)
in agile topics every three years.
Prerequisites 2,000 hours of general project experience working on teams. A current PMP®
or PgMP® will satisfy this requirement but is not required to apply for the
PMI-ACP.
1,500 hours working on agile project teams or with agile methodologies. This
requirement is in addition to the 2,000 hours of general project experience.
21 contact hours of training in agile practices.
QUESTION 1 What key benefits might stakeholders realize from an Agile approach?
A. The ability to bypass the change-management process, inserting new
requirements and changes directly into the team as they meet daily
B. The early and continuous delivery of valuable software, providing increased
visibility and the opportunity for more frequent adjustments
C. Increased access to the project and less reliance on formal reports and
status meetings to better understand the current work and the risks the team is
accepting
D. The team’s flexibility to make changes mid-iteration as business needs or
priorities change, increasing the ability of the team to meet project
commitments
Correct Answer: B
QUESTION 2 What is the first thing that a team should do to estimate user stories for a
project?
A. Sort the user stories according to priority.
B. Schedule a team meeting to understand them.
C. Define the story points measure.
D. Estimate through function point analysis.
Correct Answer: C
QUESTION 3 A story point is the:
A. Relative measure of the size of a user story.
B. Duration it takes to complete a user story.
C. Priority of the user story in the backlog.
D. Business value of the user story.
Correct Answer: A
QUESTION 4 According to the Agile Manifesto, which of the following describes the more
valued items?
A. Customer collaboration, following a plan, working software, and individual
interactions 07B13F58239056B81577933EB624485B
B. Working software, individual interactions, responding to change, and
comprehensive documentation
C. Individual interactions, working software, customer collaboration, and
responding to change
D. Responding to change, individual interactions, processes and tools, and
customercollaboration
Correct Answer: C
QUESTION 5 On a particular project, product quality is being measured at regular
intervals and is consistently below the acceptable level. In a Lean environment,
how should this problem be addressed?
A. The team should implement more rigorous testing at the end of each
development cycle.
B. Management should direct the team on specific actions that they should take
to improve quality.
C. Management should guide the team as it seeks to improve itself and reduce
errors in the system.
D. The Project Champion should review the acceptable quality threshold to ensure
that it is realistic.
The Citrix 1Y0-340 exam preparation guide is designed to provide candidates with
necessary information about the CCP-N exam. It includes exam summary, sample
questions, practice test, objectives and ways to interpret the exam objectives
to enable candidates to assess the types of questions-answers that may be asked
during the Citrix Certified Professional Networking (CCP-N) exam.
It is recommended for all the candidates to refer the 1Y0-340 objectives and
sample questions provided in this preparation guide. The Citrix CCP-N
certification is mainly targeted to the candidates who want to build their
career in Networking domain and demonstrate their expertise. We suggest you to
use practice exam listed in this cert guide to get used to with exam environment
and identify the knowledge areas where you need more work prior to taking the
actual Citrix ADC Advanced Topics - Security Management and Optimization exam.
Citrix 1Y0-340 Exam Summary:
Citrix ADC Advanced Topics - Security Management and Optimization (CCP-N)
Exam Code 1Y0-340
Duration 90 minutes
Number of Questions 62
Passing Score 62%
Recommended Training / Books CNS-320 Citrix NetScaler Advanced Topics -
Security, Management, and Optimization
Schedule Exam PEARSON VUE
Sample Questions Citrix 1Y0-340 Sample Questions
Recommended Practice Citrix Certified Professional Networking (CCP-N) Practice
Test
Section Weight Objectives Citrix Web App Firewall Overview 8% - Identify common web application
attacks.
- Determine the Functionality of Citrix Web App Firewall, given a scenario.
- Understand the audit for PCI-DSS compliance.
Citrix Web App Firewall Profiles and Policies 6% - Determine how to create
(or implement) Citrix Web App Firewall profiles. - Determine how to configure Citrix Web App Firewall Policies.
- Determine how to analyze application firewall settings.
Regular Expression 5% - Identify PCRE metacharacters. - Determine how to apply regular expressions for Citrix ADC.
Attacks and Protections 21% - Determine how to configure security checks to
meet given requirements. - Identify various attacks and protections.
- Determine how to configure the generation of simple and generalized rules
based on given requirements.
- Determine learned rules per security check.
- Determine how to deploy, skip and edit learned rules.
Monitoring and Troubleshooting 8% - Determine how Citrix Web App Firewall
interacts with applications in a given environment. - Determine how to Implement logging and monitoring.
- Identify troubleshooting methods for Citrix Web App Firewall.
Security and Filtering 6% - Determine how to implement IP reputation. - Determine how to implement IP rate-limiting.
- Determine how to Implement AppQoE.
- Determine how to implement HTTP Callout.
Citrix Application Delivery Management: Introduction and Configuration 8% - Determine how to perform the initial configuration of Citrix Application
Delivery Management.
- Determine how to deploy Citrix Application Delivery Management based on a
given scenario.
- Determine how to create additional instances of Citrix Application Delivery
Management.
Managing and Monitoring Citrix ADC Instances 11% - Determine how to manage
multiple instances in a single Citrix Application Delivery Management deployment
with Inventory Management.
- Determine how to manage and monitor the aspects of Authentication,
Authorization, and Logging with User Management.
- Identify what data is captured and utilized with Analytics and Automation.
- Determine how to configure and install SSL Certificates on Citrix Application
Delivery Management.
Managing Citrix ADC Configurations 5% - Determine how to create, manage, and
configure StyleBooks.
- Determine how to utilize Citrix Application Delivery Management
recommendations to assist in resource delivery.
Citrix ADC Web Logging 3%
- Determine how to install and configure Citrix ADC Web Logging.
- Determine how to troubleshoot issues using Citrix ADC Web Logging.
Integrated Caching 6%
- Determine when to use static or dynamic content requests.
- Determine how to configure cache policies.
- Determine which content group settings to configure based on a given scenario.
Front-End Optimization 5%
- Determine how content is currently handled by browsers based on a given
environment.
- Determine how to utilize front-end optimizations based on a given scenario.
Tuning and Optimizations 6%
- Determine how the Citrix ADC system uses HTTP connections based on a given
description.
- Determine how to configure Surge Protection and Priority Queuing.
- Determine how to Tune HTTP and TCP behaviors in Connection Profiles.
- Determine how to utilize HTTP DoS protection deployment guidelines to meet the
needs of a given environment.
Recommended Knowledge and Skills for 1Y0-340: Item
- Identify common web attacks and vulnerabilities.
- Understand how to utilize the adaptive learning engine.
- Configure Citrix Web App Firewall to protect web applications.
- Utilize Citrix ADC Secure Insight to monitor, manage and report on application
services security.
- Troubleshoot Citrix Web App Firewall.
- Manage multiple Citrix ADC platforms centrally.
- Orchestrate configuration changes.
- Report on transactions passing through the Citrix ADC environment.
- Visualize infrastructure and plan expansion.
Recommended Product Experience for 1Y0-340:
- Citrix Web App Firewall Overview
- Citrix Web App Firewall Profiles and Policies
- Regular Expression
- Attacks and Protections
- Monitoring and Troubleshooting
- Security and Filtering
- Citrix Application Delivery Management: Introduction and Configuration
- Managing and Monitoring Citrix ADC Instances
- Managing Citrix ADC Configurations
- Citrix ADC Web Logging
- Integrated Caching
- Front-End Optimization
- Tuning and Optimizations
Type of Candidate Time Limits* Notes
Native English speakers 90 minutes
Non-native English speakers that take the exam in countries where English is a
foreign language
90 minutes
+30 minutes (time extension)
Time extension granted automatically
Non-native English speakers that take the exam in countries where English is NOT
a foreign language
90 minutes
+30 minutes (time extension)
Must request time extension from Citrix.
QUESTION 1 Which two security checks invoke sessionization? (Choose two.)
A. CSRF Form Tagging
B. Field Formats
C. Form Field Consistency
D. HTML Cross-Site Scripting
Correct Answer: A,C
QUESTION 2 Which NetScaler Management Analytics System (NMAS) feature can the Citrix
Engineer use to convert configuration tasks performed using the GUI to CLI
commands?
A. Master Configuration
B. Inbuilt Template
C. Record-and-Play
D. Configuration Template
Correct Answer: C
QUESTION 3 A Citrix Engineer needs to deploy the NetScaler Management and Analytics
System (NMAS) in their company environment to ensure that NMAS provides
uninterrupted operation in all situations.
Which deployment type can meet this requirement?
A. Active-Active High Availability Mode
B. Single-Server Deployment Mode
C. NMAS integrated with Director mode
D. Active-Passive High Availability Mode
Correct Answer: A
QUESTION 4 Which two settings can be used when creating a Cache Content group? (Choose
two.)
A. Remove response cookies
B. Set Lazy DNS resolution
C. Expire cookies
D. Use DNS Query
E. Use browser settings
Correct Answer: A,B
QUESTION 5 Scenario: A Citrix Engineer needs to configure Application Firewall to
handle SQL injection issues. However,
after enabling SQL injection check, the backend server started dropping user
requests.
The Application Firewall configuration is as follows:
add appfw profile Test123 –startURLAction none- denyURLAction none-crossSiteScriptingAction
none –
SQLInjectionAction log stats- SQLInjection TransformSpecialChars ON –SQLInjectionCheckSQLWildChars
ON- fieldFormatAction none- bufferOverflowAction none- responseContentType
“application/octet-stream” –
XMLSQLInjectionAction none- XMLXSSAction none-XMLWSIAction none-
XMLValidationAction none
What does the engineer need to change in the Application Firewall configuration?
A. Enable-XMLSQLInjectionAction none
B. Enable-XMLValidationAction none
C. Disable- SQLInjectionCheckSQLWildChars ON
D. Disable- SQLInjectionTransformSpecialChars ON
