ExamGecko
Search Search Login
Home Home / The Open Group / OGEA-102
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Please read this scenario prior to answering the question You are serving as the Lead Architect for an Enterprise Architecture team within a leading multinational biotechnology company. The company works in three major industries, including healthcare, crop production, and agriculture. Your team works within the healthcare division. The healthcare division is developing a new vaccine, and has to demonstrate its effectiveness and safety in a set of clinical trials that satisfy the regulatory requirements of the relevant health authorities. The clinical trials are undertaken by its research laboratories at multiple facilities worldwide. In addition to internal research and development activities, the healthcare division is also involved in publicly funded collaborative research projects with industrial and academic partners. The Enterprise Architecture team has been engaged in an architecture project to develop a secure system that will allow the healthcare researchers to share information more easily about their clinical trials, and work more collaboratively across the organization and also with its partners. This system will also connect with external partners. The Enterprise Architecture team uses the TOGAF ADM with extensions required to support healthcare manufacturing practices and laboratory practices. Due to the highly sensitive nature of the information that is managed, special care has been taken to ensure that each architecture domain considers the security and privacy issues that are relevant. The Vice President for Worldwide Clinical Research is the sponsor of the Enterprise Architecture activity. She has stated that disruptions must be minimized for the clinical trials, and that the rollout must be undertaken incrementally. Refer to the scenario You have been asked to recommend the approach to identify the work packages for an incremental rollout meeting the requirements. Based on the TOGAF standard which of the following is the best answer?
Please read this scenario prior to answering the question Your role is that of a senior architect, reporting to the Chief Enterprise Architect, at a medium-sized company with 400 employees. The nature of the business is such that the data and the information stored on the company systems is their major asset and is highly confidential. The company employees travel extensively for work and must communicate over public infrastructure using message encryption, VPNs, and other standard safeguards. The company has invested in cybersecurity awareness training for all its staff. However, it is recognized that even with good education as well as system security, there is a dependency on third-parly suppliers of infrastructure and software. The company uses the TOGAF standard as the method and guiding framework for its Enterprise Architecture (EA) practice. The CTO is the sponsor of the activity. The Chief Security Officer (CSO) has noted an increase in ransomware (malicious software used in ransom demands) attacks on companies with a similar profile. The CSO recognizes that no matter how much is spent on education, and support, it is likely just a matter of time before the company suffers a significant attack that could completely lock them out of their information assets. A risk assessment has been done and the company has sought cyber insurance that includes ransomware coverage. The quotation for this insurance is hugely expensive. The CTO has recently read a survey that stated that one in four organizations paying ransoms were still unable to recover their data, while nearly as many were able to recover the data without paying a ransom. The CTO has concluded that taking out cyber insurance in case they need to pay a ransom is not an option. Refer to the scenario You have been asked to describe the steps you would take to improve the resilience of the current architecture? Based on the TOGAF standard which of the following is the best answer?
Please read this scenario prior to answering the question You are working as Chief Enterprise Architect at a large Internet company. The company has many divisions, ranging from cloud to logistics. The company has grown rapidly, expanding from initially selling physical books and media to a range of services including an online marketplace, live-streaming. eBooks. and cloud services. Overall management of the numerous divisions has become challenging. Recent high-profile projects have overrun on budget and under delivered, damaging the company's reputation, and adversely impacting its share price. There is a widely held view within the executive management that the organization structure has played a major role in these project failures. The company has an established Enterprise Architecture program based on the TOGAF standard, sponsored jointly by the Chief Executive Officer (CEO) and Chief Information Officer (CIO). The CEO has decided that the company needs to reorganize its divisions around artificial intelligence and machine learning with a focus on automation. The CEO has worked with the Enterprise Architects to create a strategic architecture for the reorganization, including an Architecture Vision, together with definitions for the four domain architectures. This sets out an ambitious vision of the future of the company over a three-year period. This includes a set of work packages and includes three distinct transformations. The CIO has made it clear that prior to the approval of the detailed Implementation and Migration plan, the EAteam will need to assess the risks associated with the proposed architecture. He has received concerns from key stakeholders across the company that the proposed reorganization may be too ambitious and there is doubt whether it can produce sufficient value to warrant the risks. Refer to the scenario You have been asked to recommend an approach to satisfy these concerns. Based on the TOGAF Standard, which of the following is the best answer?
Please read this scenario prior to answering the question Your role is consultant to the Lead Architect within a multinational company that manufactures electronic components. The company has several manufacturing divisions located worldwide and a complex supply chain. After a recent study, senior management have stated a concern about business efficiency considering the company's multiple data centers and duplication of applications. The company has a mature Enterprise Architecture (EA) practice and uses the TOGAF architecture development method in its EA practice. In addition to the EA program, the company has several management frameworks in use, including business planning, project/portfolio management, and operations management. The EA program is sponsored by the CIO. A strategic architecture has been defined to improve the ability to meet customer demand and improve management of the supply chain. The strategic architecture includes the consolidation of multiple Enterprise Resource Planning (ERP) applications that have been operating independently in the divisions' production facilities. Each division has completed the Architecture Definition documentation to meet its own specific manufacturing requirements. The enterprise architects have defined a set of work packages that address the gaps identified. They have identified the value produced, effort required, and dependencies between work packages to reach a farget architecture that would integrate a new ERP environment into the company. Because of the risks posed by change from the current environment, the architects have recommended that a phased approach occurs to implement the target architecture with several transition states. The overall implementation process is estimated to take several years. Refer to the scenario You have been asked what the next steps are for the migration planning. Based on the TOGAF standard which of the following is the best answer?
Please read this scenario prior to answering the question Your role is that of a consultant to the Lead Enterprise Architect to an international supplier of engineering services and automated manufacturing systems. It has three manufacturing plants where it assembles both standard and customized products for industrial production automation. Each of these plants has been operating its own planning and production scheduling systems, as well as applications and control systems that drive the automated production line. The Enterprise Architecture department has been operating for several years and has mature, well-developed architecture governance and development processes that are based on the TOGAF Standard. The CIO sponsors the Enterprise Architecture. During a recent management meeting, a senior Vice-President highlighted an interview where a competitor company's CIO is reported as saying that their production efficiency had been improved by replacing multiple planning and scheduling systems with a common Enterprise Resource Planning (ERP) system located in a central data center. Some discussion followed, with the CIO responding that the situations are not comparable, and the current architecture is already optimized. In response, the Architecture Board approved a Request for Architecture Work covering the investigations to determine if such an architecture transformation would lead to improvements in efficiency. You have been assigned to support the architecture team working on this project. A well-known concern of the plant managers is about the security and reliability of driving their planning and production scheduling from a remote centralized system. Any chosen system would also need to support the current supply chain network consisting of local partners at each of the plants. Refer to the scenario You have been asked to explain how you will initiate the architecture project. Based on the TOGAF Standard, which of the following is the best answer?
Please read this scenario prior to answering the question Your role is that of a consultant to the Lead Enterprise Architect in a multinational automotive manufacturer. The company has a corporate strategy that focuses on electrification of its portfolio, and it has invested heavily in a new shared car platform to use across all its brands. The company has four manufacturing facilities, one in North America, two in Europe, and one in Asia. A challenge that the company is facing is to scale up the number of vehicles coming off the production line to meet customer demand, while maintaining quality. There are significant supply chain shortages for electronic components, which are impacting production. In response to this the company has taken on new suppliers and has also taken design and production of the battery pack in-house. The company has a mature Enterprise Architecture practice. The TOGAF standard is used for developing the process and systems used to design, manufacture, and test the battery pack. The Chief Information Officer and the Chief Operating Officer co-sponsor the Enterprise Architecture program. As part of putting the new battery pack into production, adjustments to the assembly processes need to be made. A pilot project has been completed at a single location. The Chief Engineer, sponsor of the activity, and the Architecture Board have approved the plan for implementation and migration at each plant. Draft Architecture Contracts have been developed that detail the work needed to implement and deploy the new processes for each location. The company mixes internal teams with a few third-party contractors at the locations. The Chief Engineer has expressed concern that the deployment will not be consistent and of acceptable quality. Refer to the scenario The Lead Enterprise Architect has asked you to review the draft Architecture Contracts and recommend the best approach to address the Chief Engineer's concern. Based on the TOGAF Standard, which of the following is the best answer?
Please read this scenario prior to answering the question You have been appointed as senior architect working for an autonomous driving technology development company. The mission of the company is to build an industry leading unified technology and software platform to support connected cars and autonomous driving. The company uses the TOGAF Standard as the basis for its Enterprise Architecture (EA) framework. Architecture development within the company follows the purpose-based EA Capability model as described in the TOGAF Series Guide: A Practitioners'Approach to Developing Enterprise Architecture Following the TOGAF ADM. An architecture to support strategy has been completed defining a long-range Target Architecture with a roadmap spanning five years. This has identified the need for a portfolio of projects over the next two years. The portfolio includes development of travel assistance systems using swarm data from vehicles on the road. The current phase of architecture development is focused on the Business Architecture which needs to support the core travel assistance services that the company plans to provide. The core services will manage and process the swarm data generated by vehicles, paving the way for autonomous driving in the future. The presentation and access to different variations of data that the company plans to offer through its platform poses an architecture challenge. The application portfolio needs to interact securely with various third-party cloud services, and V2X (Vehicle-to-Everything) service providers in many countries to be able to manage the data at scale. The security of V2X is a key concern for the stakeholders. Regulators have stated that the user's privacy be always protected, for example, so that the drivers' journey cannot be tracked or reconstructed by compiling data sent or received by the car. Refer to the scenario You have been asked to describe the risk and security considerations you would include in the current phase of the architecture development? Based on the TOGAF standard which of the following is the best answer?
Please read this scenario prior to answering the question You have been appointed as Chief Enterprise Architect (CEA). reporting to the Chief Technical Officer (CTO), of a company established as a separate operating entity by a major automotive manufacturer. The mission of the company is to build a new industry leading unified technology and software platform for electric vehicles. The company uses the TOGAF Standard as the basis for its Enterprise Architecture (EA) framework, and architecture development follows the purpose-based EA Capability model as described in the TOGAF Series Guide: A Practitioners'Approach to Developing Enterprise Architecture Following the TOGAF ADM. An end-to-end Target Architecture has been completed with a roadmap for change over a five-year period. The new platform will be a cross-functional effort between hardware and software teams, with significant changes over the old platform. It is expected to be developed in several stages over three years. The EA team has inherited the architecture for the previous generation hardware and software automotive platform, some of which can be carried over to the new unified platform. The EA team has started to define the new platform, including defining which parts of the architecture to carry forward. Enough of the Business Architecture has been defined, so that work can commence on the Information Systems and Technology Architectures. Those need to be defined to support the core business services that the company plans to provide. The core services will feature an innovative approach with swarm data generated by vehicles, paving the way for autonomous driving in the future. The presentation and access to different variations of data that the company plans to offer through its platform pose an architecture challenge. The application portfolio and supporting infrastructure need to interact with various existing cloud services and data- Refer to the scenario You have been asked what approach should be taken to determine and organize the work to deliver the requested architectures? Based on the TOGAF standard which of the following is the best answer?
Please read this scenario prior to answering the question You are the Chief Enterprise Architect at a large food service company specializing in sales to trade and wholesale, for example, restaurants and other food retailers. One of your company's competitors has launched a revolutionary product range and is running a very aggressive marketing campaign. Your company's resellers are successively announcing that they are not interested in your company's products and will sell your competitor's. The CEO has stated there must be significant change to address the situation. He has made it clear that new markets must be found for the company's products, and that the business needs to pivot, and address the retail market as well as the existing wholesale market. A consideration is the company's ability and willingness to change its business model, and if it is a temporary or permanent change. An additional risk factor is one of culture. The company has been used to a stable business with a reasonably well known and settled client base - all with its own local understandings and practices. The CEO is the sponsor of the EA program within the company. You have been engaged with the sales, logistics, production, and marketing teams, enabling the architecture activity to start. An Architecture Vision, Architecture Principles, and Requirements have all been agreed. As you move forward to develop a possible Target Architecture you have identified that some of the key stakeholders' preferences are incompatible. The incompatibilities are focused primarily on time-to-market, cost savings, and the need to bring out a fully featured product range, but there are additional factors. Refer to the scenario You have been asked how you will address the incompatibilities between key stakeholder preferences. Based on the TOGAF standard which of the following is the best answer?
Please read this scenario prior to answering the question You are the Lead Enterprise Architect at a major agribusiness company. The company's main harvest is lentils, a highly valued food grown worldwide. The lentil parasite, broomrape, has been an increasing concern for many years and is now becoming resistant to chemical controls. In addition, changes in climate favor the propagation and growth of the parasite. As a result, the parasite cannot realistically be exterminated, and it has become pandemic, with lentil yields falling globally. In response to the situation, the CEO has decided that the lentil fields will be used for another harvest. The company will also cease to process third-party lentils and will repurpose its processing plants. Thus, the target market will change, and the end-products will be different and more varied. The company has recently established an Enterprise Architecture practice based on the TOGAF standard as method and guiding framework. The CIO is the sponsor of the activity. A formal request for architecture change has been approved. At this stage there is no fixed scope, shared vision, or objectives. Refer to the scenario You have been asked to propose the best approach for architecture development to realize the CEO's change in direction for the company. Based on the TOGAF standard which of the following is the best answer?

Question 10 - OGEA-102 discussion

Report
Export

Please read this scenario prior to answering the question

You have been appointed as senior architect working for an autonomous driving technology development company. The mission of the company is to build an industry leading unified technology and software platform to support connected cars and autonomous driving.

The company uses the TOGAF Standard as the basis for its Enterprise Architecture (EA) framework. Architecture development within the company follows the purpose-based EA Capability model as described in the TOGAF Series Guide: A Practitioners'Approach to Developing Enterprise Architecture Following the TOGAF ADM.

An architecture to support strategy has been completed defining a long-range Target Architecture with a roadmap spanning five years. This has identified the need for a portfolio of projects over the next two years. The portfolio includes development of travel assistance systems using swarm data from vehicles on the road.

The current phase of architecture development is focused on the Business Architecture which needs to support the core travel assistance services that the company plans to provide. The core services will manage and process the swarm data generated by vehicles, paving the way for autonomous driving in the future.

The presentation and access to different variations of data that the company plans to offer through its platform poses an architecture challenge. The application portfolio needs to interact securely with various third-party cloud services, and V2X (Vehicle-to-Everything) service providers in many countries to be able to manage the data at scale. The security of V2X is a key concern for the stakeholders. Regulators have stated that the user's privacy be always protected, for example, so that the drivers' journey cannot be tracked or reconstructed by compiling data sent or received by the car.

Refer to the scenario

You have been asked to describe the risk and security considerations you would include in the current phase of the architecture development?

Based on the TOGAF standard which of the following is the best answer?

A.
You will focus on the relationship with the third parties required for the travel assistance systems and define a trust framework. This will describe the relationship with each party. Digital certificates are a key part of the framework and will be used to create trust between parties. You will monitor legal and regulatory changes across all the countries to keep the trust framework in compliance.
Answers
A.
You will focus on the relationship with the third parties required for the travel assistance systems and define a trust framework. This will describe the relationship with each party. Digital certificates are a key part of the framework and will be used to create trust between parties. You will monitor legal and regulatory changes across all the countries to keep the trust framework in compliance.
B.
You will perform a qualitative risk assessment for the data assets exchanged with partners. This will deliver a set of priorities, high to medium to low, based on identified threats, the likelihood of occurrence, and the impact if it did occur. Using the priorities, you would then develop a Business Risk Model which will detail the risk strategy including classifications to determine what mitigation is enough.
Answers
B.
You will perform a qualitative risk assessment for the data assets exchanged with partners. This will deliver a set of priorities, high to medium to low, based on identified threats, the likelihood of occurrence, and the impact if it did occur. Using the priorities, you would then develop a Business Risk Model which will detail the risk strategy including classifications to determine what mitigation is enough.
C.
You will focus on data quality as it is a key factor in risk management. You will identify the datasets that need to be safeguarded. For each dataset, you will assign ownership and responsibility for the quality of data needs. A security classification will be defined and applied to each dataset. The dataset owner will then be able to authorize processes that are trusted for a certain activity on the dataset under certain circumstances.
Answers
C.
You will focus on data quality as it is a key factor in risk management. You will identify the datasets that need to be safeguarded. For each dataset, you will assign ownership and responsibility for the quality of data needs. A security classification will be defined and applied to each dataset. The dataset owner will then be able to authorize processes that are trusted for a certain activity on the dataset under certain circumstances.
D.
You will create a security domain model so that assets with the same level can be managed under one security policy. Since data is being shared across partners, you will establish a security federation to include them. This would include contractual arrangements, and a definition of the responsibility areas for the data exchanged, as well as security implications. You would undertake a risk assessment determining risks relevant to specific data assets.
Answers
D.
You will create a security domain model so that assets with the same level can be managed under one security policy. Since data is being shared across partners, you will establish a security federation to include them. This would include contractual arrangements, and a definition of the responsibility areas for the data exchanged, as well as security implications. You would undertake a risk assessment determining risks relevant to specific data assets.
Suggested answer: D

Explanation:

A security domain model is a technique that can be used to define the security requirements and policies for the architecture. A security domain is a grouping of assets that share a common level of security and trust. A security policy is a set of rules and procedures that govern the access and protection of the assets within a security domain.A security domain model can help to identify the security domains, the assets within each domain, the security policies for each domain, and the relationships and dependencies between the domains1

Since the data is being shared across partners, a security federation is needed to establish a trust relationship and a common security framework among the different parties. A security federation is a collection of security domains that have agreed to interoperate under a set of shared security policies and standards. A security federation can enable secure data exchange and collaboration across organizational boundaries, while preserving the autonomy and privacy of each party.A security federation requires contractual arrangements, and a definition of the responsibility areas for the data exchanged, as well as security implications2

A risk assessment is a process that identifies, analyzes, and evaluates the risks that may affect the architecture. A risk assessment can help to determine the likelihood and impact of the threats and vulnerabilities that may compromise the security and privacy of the data assets.A risk assessment can also help to prioritize and mitigate the risks, and to monitor and review the risk situation3

Therefore, the best answer is D, because it describes the risk and security considerations that would be included in the current phase of the architecture development, which is focused on the Business Architecture. The answer covers the security domain model, the security federation, and the risk assessment techniques that are relevant to the scenario.

References:1: The TOGAF Standard, Version 9.2, Part III: ADM Guidelines and Techniques, Chapter 35: Security Architecture and the ADM2: The TOGAF Standard, Version 9.2, Part IV: Architecture Content Framework, Chapter 38: Security Architecture3: The TOGAF Standard, Version 9.2, Part III: ADM Guidelines and Techniques, Chapter 32: Risk Management

Show Answer
asked 23/09/2024
G.C. Helweg
38 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms