PK0-005 Online Practice Questions and Answers

Correct Answer: A

The project manager should validate against the scope statement and ask for sign-off after a system was implemented and testing was successfully completed. The scope statement is a document that defines and documents the project scope, objectives, deliverables, requirements, assumptions, and constraints. The scope statement can help to establish a common understanding and agreement between the project manager and the stakeholders on what the project aims to achieve and deliver. Validating against the scope statement means checking whether the project deliverables meet the agreed-upon scope criteria and quality standards. Asking for sign-off means requesting formal acceptance and approval of the project deliverables from the stakeholders.

Correct Answer: B

A capital expense is the cost of acquiring or making improvements to fixed assets that have a useful life of more than one year. A building purchase is an example of a capital expense, as it is a long-term investment that increases the value of the company's assets. Building lease, maintenance, and insurance are not capital expenses, as they are recurring or short-term costs that do not increase the value of the company's assets.

Correct Answer: D

Corporate values compliance is a consideration when determining a project's ESG factors, because it reflects how a project aligns with the ethical standards and social responsibility of the organization. Corporate values compliance can help to enhance the reputation, trust, and loyalty of the organization among its stakeholders, as well as to avoid legal or regulatory issues that may arise from violating the values. Corporate values compliance can also influence the project scope, objectives, deliverables, and stakeholders, as well as the project management methodology, processes, and practices. The other options are not directly related to ESG factors. Project management methodology is the approach or framework that guides how a project is planned, executed, monitored, and controlled. IT infrastructure security is the protection of the hardware, software, network, and data components of a project from unauthorized access, use, modification, or destruction. Proper accounting practices are the rules and standards that govern how financial transactions and statements are recorded, reported, and audited for a project. References: CompTIA Project+ Study Guide: Exam PK0-005, 3rd Edition, Chapter 5: Project Scope Management; CompTIA Project+ Certification Study Guide, 3rd Edition, Chapter 5: Project Scope Management; What Is Environmental, Social, and Governance (ESG) Investing

Correct Answer: B

Updating the issue log is the first step in documenting the problem and determining its impact on the project. This aligns with CompTIA Project+ guidelines, which emphasize the importance of tracking issues as they arise.

Correct Answer: A

Continuous Integration and Continuous Delivery (CI/CD) aim to accelerate software delivery while maintaining high quality through frequent automated testing and deployment. This practice is endorsed by CompTIA Project+ as part of modern project methodologies for improving efficiency and quality.

Correct Answer: D

A defect log tracks and details all bugs and issues identified in a project. This log is essential for quality control and continuous improvement, as recommended by CompTIA Project+ guidelines on project monitoring and control.

Correct Answer: D

A communication plan details the communication requirements, including methods, frequency, and stakeholders for each type of update. According to CompTIA Project+, this plan is essential for ensuring effective and organized communication throughout the project.

Correct Answer: C

Using the chat and plain language can help overcome the communication barriers caused by accents and background noises. Chat allows team members to write down their ideas and questions, which can be easier to understand than

spoken words. Plain language reduces the ambiguity and complexity of the messages, making them more clear and concise. These techniques can also enhance the participation and engagement of the team members, as they can express

their thoughts and opinions more comfortably and confidently.

References:

CompTIA Project+ Study Guide: Exam PK0-005, 3rd Edition, Chapter 4: Communication and Change Management, p. 97-98.

Correct Answer: D

Control objectives are the desired outcomes or goals of implementing security controls to mitigate risks and protect information assets. Control objectives should be the primary basis for establishing metrics that measure the effectiveness of an information security program, as they align with the business objectives, requirements, and expectations of the organization and its stakeholders. Metrics based on control objectives can help to evaluate the performance, efficiency, and maturity of the security program, and to identify gaps, issues, and areas for improvement. The other options are not correct because:

Residual risk is the remaining risk after applying security controls. Residual risk is not a basis for establishing metrics, but rather a result of measuring the effectiveness of security controls. Residual risk should be monitored and reported, but it does not define the desired outcomes or goals of the security program.

Regulatory requirements are the external standards, laws, and regulations that the organization must comply with to avoid legal or financial penalties. Regulatory requirements are not a basis for establishing metrics, but rather a constraint or a driver for the security program. Metrics based on regulatory requirements can help to demonstrate compliance, but they may not reflect the actual effectiveness or efficiency of the security program.

Risk tolerance is the level of risk that the organization is willing to accept or bear. Risk tolerance is not a basis for establishing metrics, but rather a factor or an input for the security program. Metrics based on risk tolerance can help to prioritize and allocate resources, but they may not measure the actual outcomes or goals of the security program.

References: Key Performance Indicators for Security Governance, Part 1; 14 Cybersecurity Metrics + KPIs You Must Track in 2023; KPIs in Information Security: The 10 Most Important Security Metrics; Why metrics are crucial to proving cybersecurity programs' value; Implementing and Maintaining Security Program Metrics

Correct Answer: A

Removing access means revoking the contractor's permissions to access the project data, systems, and devices after the project is closed. This is a crucial security measure to prevent unauthorized access, misuse, or theft of sensitive data

by external parties. Closing contracts, project sign-off, and project evaluation are important steps in the project closure process, but they do not necessarily prevent data theft by themselves. They may involve formal agreements,

documentation, and feedback, but they do not address the technical aspects of data security.

References:

CompTIA Project+ Study Guide: Exam PK0-005, Third Edition, Chapter 14: Closing the Project, page 377; 9 Ways to Prevent Third- Party Data Breaches in 2023; 3 Ways to Prevent Data Theft by Contractors