SHRM-CP Competencies Questions - Part 12

Jenny Clarke

Mon, 24 Mar 2025

1. Refer to the following scenario for the next 4 questions.

A global company benchmarks against similar companies that have recently faced costly and embarrassing cybersecurity breaches resulting in the loss of customer confidence. In response, the CEO assigns tasks to three departments: The IT department is charged with enhancing data accuracy, security, and privacy. Risk management is charged with implementing improved governance, compliance, and enforcement. HR is charged with strengthening procedures around acquisition of staff, policy creation, the code of ethics, and communication.

Internally, the company must protect proprietary information and determine what limits to place on data retention and acquisition. Externally, they must also acquire competitive data and follow the law in all jurisdictions of their operations. Challenges with social media, web browsing, instant messaging, and high levels of employees traveling with their electronic devices create additional burdens. Currently, the company provides devices for all eligible employees.

The three departments agree that employees must possess a work ethic, motivation, and integrity. The head of IT believes that there are three sources for recruitment, selection, and staffing: the military, college graduates with degrees in information technology, and professional hackers (skilled computer experts who use their technical knowledge to overcome a problem). IT plans to hire a professional hacker as an independent contractor to conduct ongoing IT vulnerability assessments to improve security, review the possibilities of penetration, and make recommendations to protect the system.

Which protective measures should HR recommend?

A) Conduct a background check and create an independent contractor agreement that sets terms to prohibit any access not specifically authorized.
B) Give the person administrative passwords and see whether they are secure enough or should be changed.
C) Require that the independent contractor sign an invention agreement and honor code statement.
D) During the interview process, ask candidates to access the company's system and provide evidence of their ability to locate weaknesses.



2. In order to determine the full scope of enterprise risk that exists, which areas should HR review in an IT audit?

A) Compensation structure
B) Links between business and information strategy and business continuity
C) Ways to reduce the amount of sensitive data that must be protected
D) Reasons for the lack of outsourcing to third parties with deeper IT experience



3. Which technology policies should the HR manager recommend that the company implement?

A) The company must approve all personal devices the employee uses at home.
B) The company can review all charges and information on a company-provided device.
C) All employees must use their own electronic devices for work.
D) Employees may use devices at any time.



4. Where should the HR manager look to find potential employees with skills in cybersecurity?

A) Consider individuals who have recent criminal records related to Internet security and offer them state-of-the-art equipment.
B) Search for individuals with any computer-related degree.
C) Look on 'dark' websites that attract cybercriminals and promise them large hiring bonuses.
D) Recruit former military Internet workers who are attracted by a higher level of pay and flexibility.



5. Codes of Conduct: An employee is faced with an ethical dilemma dealing with a supplier. How should the code of ethics support the employee?

A) By guiding decision making and behavior
B) By managing risks to the organization's public image
C) By reflecting the legal traditions of the home country
D) By accommodating the norms of the countries in which the organization operates



1. Right Answer: A
Explanation: A is the best response to avoid the contractor overstepping bounds and for the company to ensure that there are no past actions that would create too high a risk level. B is incorrect. Never give out administrative passwords. C is incorrect. Although an honor code could be a part of the independent contractor agreement, it alone will not protect the company. D is incorrect. Do not provide access until there is some type of protection in place.

2. Right Answer: B
Explanation: B is the best response. Many organizations rank business continuity as an important information security function. A is incorrect. This information would not serve the purpose of the audit. C is incorrect. This is an action that would occur on an as-needed project basis, not during a fact-finding audit. D is incorrect. This is an action that would occur on a case-by-case basis, not during an audit.

3. Right Answer: B
Explanation: B is the best response. Because the company already provides devices for eligible employees, the HR manager needs to ensure that all employees are aware that there is a policy in place that states that the company can review charges and information on a company-provided device. A is incorrect. The company has no jurisdiction over what devices the employee uses on personal time. C is incorrect. This may create additional security risks. D is incorrect. A company may stipulate that a company-provided device be used only for business and may expressly prohibit use while driving.

4. Right Answer: D
Explanation: D is the best response. Military personnel have typically worked on confidential and classified projects but may not have been compensated comparably to the private sector. A is incorrect. Although some companies believe in the need to 'use a thief to catch a thief,' great care should be taken. B is incorrect, as this is too broad a search and may not fit the specific computer-related education that the company needs. C is incorrect. 'Dark' websites often attract individuals interested in criminal activity.

5. Right Answer: A
Explanation: Effective codes of ethics help employees to recognize ethical issues and to respond in a way that reflects the organization's values.
