• Author / Uploaded
• Liberty Córdoba

Citation preview

PREGUNTAS COBIT 5.0 FOUNDATION 1. COBIT tiene 4 características principales; enfocado a negocio, orientado a procesos, basado en controles y la otra es: a) Impulsado por mediciones b) Orientado a resultados c) Independiente de tecnologías d) Basado en estándares 2. ¿Cuál es el factor de rendimiento para una TI? a) métricas de TI b) Objetivo del proceso c) Métrica del proceso d) Métrica de la actividad 3. ¿Cuál control general de requerimiento agrupa métricas, objetivos y métodos dentro del rendimiento de la TI desde el enfoque de supervisión? a) Procesos de metas y objetivos b) Procesos repetibles c) Políticas, planes y procedimientos d) Mejoramiento de procesos de rendimiento 4. La arquitectura de empresa para una TI consiste en información, procesos de TI, infraestructura y personal, además de otro elemento que es: a) Estructuras organizacionales b) Métodos c) Aplicaciones d) Políticas 5. ¿Cuál de los siguientes términos no están incluidos en la definición de control? a) Políticas b) Practicas c) Aplicaciones d) Estructuras Organizacionales 6. ¿Cuál no es un beneficio de Implementar COBIT como marco de trabajo de Gobierno de TI? a) Mejor organización, basado en un enfoque de negocio b) Claras responsabilidades y propiedad, basado en controles c) Generalmente aceptado por reguladores u organizaciones externas d) Entendimiento entre todos los inversionistas basado en un lenguaje común 7. ¿Qué proceso del COBIT es “Manejo de procesos”? a) PO10 b) Al10 c) DS10 d) ME10 8. ¿Cuál no es un objetivo de control del proceso PO10 de COBIT? a) Programa de marco de gestión b) Marco de gestión de proyectos c) Marco de gestión de riesgo de TI d) Compromiso de los inversionistas

9. ¿Cuál es el factor de rendimiento para el objetivo “responder a los requerimientos de gobierno, de acuerdo a la dirección” dentro del proceso PO10 de COBIT? a) Porcentaje de proyectos que cumplen con las expectativas de los inversionistas (a tiempo, dentro de presupuesto y cumpliendo todos los requerimientos, medidos por importancia) b) Porcentaje de proyectos que cumplen con las expectativas de los inversionistas c) Porcentaje de proyectos siguiendo los estándares y prácticas de la gestión de proyecto d) Porcentaje de inversionistas participando en los proyectos (índice de envolvimiento) 10.¿Cuál es el factor de rendimiento para el objetivo “asegurar satisfacción mutua con organizaciones externas” dentro del proceso DS2 de COBIT? a) Número de quejas de usuarios por servicios contratados b) Numero de disputas formales con los proveedores c) Mayor porcentaje de proveedores sujetos a requisitos claramente definidos y niveles de servicios d) Número de incidentes significativos del proveedor de incumplimiento por período de tiempo 11.“La tabla de madurez lista las características sobre como los procesos de TI son gestionados y describen como evolucionan desde un proceso inexistente a uno optimizado”. ¿Cuál de los siguientes no es un atributo de madurez? a) Conciencia y comunicación b) Metas, procesos y actividades c) Herramientas y automatización d) Habilidades y experiencia 12.¿Cuál no es un componente del COBIT? a) Dominio b) Procesos c) Actividades d) Funciones 13.¿Cuál de los siguientes no es parte de la arquitectura de negocio de TI? a) Infraestructura b) Actividades c) Aplicaciones d) Personal 14.¿Los elementos principales de gobierno de TI son: riesgo, control y cual otro? a) Conformidad b) Regulación c) Transparencia d) Valor 15.¿Definido por COBIT, quien es el responsable por el gobierno de TI? a) Clientes y proveedores b) Inversionistas y accionistas c) Gestores y líderes de TI d) Ejecutivos y directivos 16.¿Qué proceso del COBIT es: “gestionar servicios de terceros”? a) PO2 b) AI2

c) DS2 d) ME2 17.“Los objetivos de control de TI proveen una amplia gama de requerimientos de alto nivel a considerar por el administrador para un efectivo control de procesos de TI”. ¿Cuál de las siguientes declaraciones no describe los objetivos de control de las TI's de COBIT? a) Definido para usarlo como un modelo de umbral, donde uno no puede avanzar a un nivel superior, sin antes haber concluido todas las condiciones de un nivel inferior. b) Son declaraciones de acciones gerenciales para incrementar el valor o disminuir riesgos c) Consisten en políticas, procedimientos, prácticas y estructuras organizacionales d) Son designados para proveer garantía razonable de que los objetivos de negocio serán logrados y los eventos no deseados serán prevenidos o detectados y corregidos 18.Para lograr una buena organización de prácticas de requerimientos de negocio, se recomienda que COBIT sea usado ¿a que nivel de la organización? a) Alto b) Medio c) Bajo d) Todos 19.¿Qué estándar, marco de negocio, guía o practica no está organizada por el COBIT? a) ISO27000 b) COSO c) ITIL d) GAAP 20.¿Qué impulsa los factores de negocio de TI? a) Estrategia empresarial b) Objetivos de TI c) Arquitectura empresarial para TI d) Scorecard de TI

1A 2C 3D 4C 5C 6B 7A 8C 9B 10 B 11 B 12 D 13 B 14 D 15 D 16 C 17 A 18 A 19 D

20 A

5.Which statement describes the difference between specific and generic work products? A. Specific work products are defined at each capability level, generic work products are defined on an organizational level B. Specific work products are associated with the IT-related goals, generic work products are associated with the higher level enterprise goals C. Specific work products are defined for each process, generic work products are defined for all generic processes from capability level 2 to 5 D. Specific work products define the objectives at activity level, generic work products define the level objectives of a process

COBIT 5 Sample Exam Questions cobit 5 questions cobit 5 sample exam Q:1-What information layer contains the attribute that includes the rules for using artificial languages? Semantic Physical world Empiric Syntactic Q:2-Identify the missing word in the following sentence. The definition of (?) is a collection of practices influenced by the enterprise's policies and procedures that takes input from a number of sources, manipulates the inputs and produces outputs. Principles Intrinsic goals Enterprise goals. Processes Q:3-Which principleis key for the governance and management of enterprise IT? Managing IT Operations Insure Resource Optimization

Enabling a Holistic Approach Managing Information Q:4-Which aspect is fundamental to the COBIT 5 integrator Model? To link Governance with Management To link COBIT 5 to existing ISACA guidance To link stakeholder needs with enterprise To link Plan, Build, Run and Monitor Q:5-What do lead indicators monitor in the Generic Enabler model? Good practices are being applied Stakeholder needs are being addressed Enabler goals are being achieved Enabler outcomes are being made available Q:6-Which practice would NOT help to encourage desired behavior in an enterprise? Introducing a bonus scheme Communicating enforcement of policies Appointing business champions Publishing Escalation procedures Q:7-What type of process goal is only known to and used by those who need it? Confidentiality Intrinsic Accessibility and Security Contextual Q:8-When can a process be rated as a capability level two? When all process attributes are F- Fully for level two The process must be rated F - Fully for all process attributes at level two, and be rated L Largely on level one The process must be rated L - Largely or F - Fully achieved at level two, and be rated FFully achieved on level one When the process attributes of the five capability levels, rate an average score of two Q:9-Which is NOT a purpose of the Process Reference Model? Forms the basis of a process capability assessment for the Capability Dimension

Provides the mechanism whereby defined Process Assessment Models era related measurement framework Provides the basis for one or more Process Assessment Models Provides the basis to undertake an assessment on the process dimension Q:10-What percentage represents F - full achievement of an attribute in an assessed process,asdefined by the COBIT 5 assessment approach? 100% 85% to 100% 75% to 100% On average 85%

COBIT 5 Exam Paper Q:1-Which item describes a key component of a Governance System? Setting the Governance Framework Identifying responsibilities for governance Ensuring compliance with regulations Optimization of IT assets, resources and capabilities Q:2-What item is generated by Business processes as the first stage of the Information Cycle? Information Value Knowledge Data Q:3-Which is a requirement of the Framework element, within the principles, policies and framework model? To express the core values of the enterprise To describe the desired outcome of a process To be flexible enough to allow adaption to the enterprise's specific situation To provide a logical flow for staff to comply with the framework Q:4-Identify the missing word in the following sentence. One of the benefits of the COBIT 5 capability assessment model is improved reliability and [ ? ] of process capability assessment activities and evaluations. Enablement

Repeatability Effectiveness Integrity Q:5-Which is not a requirement of a good policy? Achieves the stated purpose Implemented in most efficient way Non-intrusive Limited on number Q:6-What attributes describes the quantity of information that is suitable for the required activity? Relevancy Completeness Appropriate amount of information Ease of manipulation Q:7-What term refers to an artifact associated with the execution of a process? A Process Purpose A Work Product A Process Outcome A Base Practice Q:8-Which process domain is the MOST suitable for skills such as Project management and Capacity management? Monitor,Evaluate and Assess (MEA) Deliver,Service and Support(DSS) Build,Acquire and implement (BAI) Align,Plan and Organize(APO¿ Q:9-Which attribute is relevant to a Process Activity? Supports establishment of distinct roles and responsibilities Aligns with standards and good practices Provides specific detailed activities Provides statements of actions to deliver benefits

Q:10-Which factor may indicate a need for the improved governance of enterprise IT? Tailoring COBIT and other supporting good practices and standards to Tit the unique context of the enterprise is required Significant incidents related to IT risk, such as data loss or project failure, have been experienced A focus on quick wins and prioritizing the most beneficial improvements that are #a»»e*l lo implement is needed Key program roles and responsibilities should be defined and assigned

COBIT 5 Questions And Answers Download Q:1-At what level are Inputs and Outputs defined? Process Management practice Activity Detailed Activity Q:2-Which mechanism can define and implement policies within their span of control? Organizational structures Process practices Governance framework Rules and Norms Q:3-What is the name of the Change Enablement life cycle Phase which supports Phase 4.What needs to be done? Identify role players Define target state Plan program Define problems and opportunities Q:4-Which item is considered a good practice for within a policy framework? Statements of actions Skill categories Compliance requirements Defined goals

Q:5-Which characteristic should a good policy framework provides? A structure for consistency Detailed process activities Access to social media Confirmation that practices are applied Q:6-Which requirement was a major driver for developing the COB.T5 framework? To obtain commitment of executive management for making IT-related decisions To provide further guidance in the area of innovation and emerging technologies To enable the management of a portfolio of competitive products and service To deliver programs on time, on budget and meeting stakeholder requirements Q:7-Identify the missing word in the following sentence. Governance is about[?]and deciding amongst different stakeholders" value interests. Transforming Selecting Supporting Negotiating Q:8-What is the purpose of the COBIT 5 Goals Cascade mechanism? To define relationship between Governance and Management To ensure that business change programs are managed To provide a simple architecture To translate stakeholder needs into strategy Q:9-Why is COBIT 5 considered to be an integrated framework? It integrates enterprise goals with IT-related goals It integrates in any governance system It integrates IT-related goals with enablers It aligns with other relevant standards Q:10-Which activity should be done by governance? Implement risk appetite Set principles and policies Execute strategy Plan activities to meet enterprise goals