1. Responsibility for managing data is shared.

Who needs to collaborate to ensure high quality

information is available?
A. Everyone in the organization
B. Internal and External Auditors
C. Data Quality Specialists and Database Administrators
D. Business and Information Technology
E. Business and Vendors.

2. Data is an asset, but it differs from other assets and had to be managed carefully. Some of its
unique properties are:
A. It is volatile, variable and volumous
B. It is tangible and durable, easy to copy and transport
C. It is easy to reproduce if it is stolen, and must be accounted for on the balance sheet
D. It may be used by multiple people or systems at the same time, but this decreases its value
E. It is not consumed when it is used, it does not wear out, and can be stolen, but not gone.

3. What is NOT an approach to calculating the financial value of data?

A. Impact to the organisation if the data were missing
B. Cost of risk mitigation and potetial cost of risks associated with data
C. The salaries of the data people
D. Cost of obtaining and storing data
E. Cost of replacing data if it were lost.

4. What is the type of data required to manage data as an asset, which describes what data the
organization has, and which is embedded in data architecture, data models, data security
requirements and data standards?
A. Reference Data
B. Business Data
C. Metadata
D. Operational Data
E. Master Data.

5. What perspective refers to data as one of the “horizontals” of an organization?

A. Enterprise
B. Business
C. Siloed
D. Information Technology
E. Governance.

6. The relationship between Data Management and Technology is such that:

A. Data Management decisions drive Business decisions
B. Data Management decisions must drive Information Technology decisions
C. There is no relationship
D. Information Technology decisions must drive Data Management decisions
E. Business decisions drive Data Management decisions.

7. The key activities for Data Lifecycle are:

A. Plan, Store, Use, Reuse, purge

B. create/acquire, store, analyse, report
C. Plan, do, check, act
D. Plan, Design & Enable, Create/Obtain, Store/Maintain, Use, Enhance, Dispose of
E. Design, Develop, Use, Enhance, Dispose.

8. The most critical points in the Data Lifecycle are:

A. Create/obtain, and Store/Maintain
B. Create/Obtain and Use
C. Design & Enable and Use
D. Design & Enable and Create/Obtain
E. Store/Maintain and Use.

9. A Data management effort needs to focus on:

A. Financial data
B. Master Data
C. All the data in the enterprise
D. The most critical data
E. Metadata.

10. Which DM Deliverable documents overall vision, business case, goals, principles, measures of
success, risks and the operating model?
A. Data Management Implementation Roadmap
B. Data Management Framework
C. Data Management Scope Statement
D. Data Management Charter
E. Data Management Proposal.

11. Which data management framework model includes tactics in its mapping of the relationships
between Business and IT? A. Amsterdam Information Model B. Strategic Alignment Model C. Six Sigma
D. ISO 20000 E. Business Process Framework.
12. Why is Data Governance in the centre of the DAMA Wheel? A. Data governance is the most
important Knowledge Area B. Governance is in the centre for consistency within and balance between
the Knowledge Areas C. No reason in particular D. Data Governance affects all the Knowledge Areas E.
Data Governance is responsible for Data Management.

13. The four activity categories in the context diagram are: A. Planning, Control, Development, Operat B.
Plan, Design & Enable, Create/Obtain, Store/Maintain, Use, Enhance, Dispose of C. Act, Plan, Monitor,
Deploy D. Planning, Oversight, Design, Current E. Plan, do, check, act.
14. In the DAMA Functional Area Dependencies which is the most dependent knowledge area? A. Data
Integration and Interoparability B. Business Intelligence and Analytics C. Metadata D. Master Data E.
Data Quality.
15. What is the difference between data and information?
A. Data is only stored in digital form, information can be found on any medium
B. Information is always data with metadata
C. Data is a form of information but information is not a form of data
D. Data is raw, information is data with contexts
E. Definition is up to individual organizations. Throughout the DMBOK the terms are used
interchangeably.
16. Data is an organizational asset. What international standard is concerned with asset management?
A. ISO 27001 B. ISO 8000 C. ISO 55000/55001 D. ISO 25000 E. ANSI 859.
17. Which of the following is NOT an approach to data valuation?
A. Cost of obtaining and storing data
B. Cost of replacing data if it were lost
C. What the data could be sold for
D. Expected revenue from innovative uses of data
E. Enterprise Data Modeling.

18. According to the DMBoK2, which items are not a consideration in a data valuation? A. Cost of
obtaining and storing data B. Impact to the organization if data were missing C. Benefits of higher quality
data D. What the data could be sold for E. How much we can be ransomed for by a malware attack.
19. According to the DMBOK, which of the following are included as Data Management goals? A. Big
Data goals need to change to reflect reality B. Data Quality goals must be aligned with ISO27001 C. Data
Management goals should be driven by technical capability and available capabilities D. Data
Management goals must focus first on legislation E. We should ensure that data can be used effectively
to add value to the enterprise.

20. What is NOT a discipline of Data Management according to the DAMA DMBoK?
A. Data Quality Management
B. Document and Content Management
C. Data Virtualization
D. Data Security Management
E. Data Governance.

21. The DAMA Wheel contains? A. Data Management process B. Knowledge areas C. Data Strategy
initiatives D. Maturity model dimensions E. Data Management deliverables.

22. SMART is an acronym for objectives in projects and programs. SMART stands for? A. Specific,
Manageable, Agile, Realistic, Topical B. Systems, Management, Architecture, Resources, Technology C.
Specific, Measureble, Achievable, Robust, Timely D. Structured, Manageable, Accurate, Robust, Tested
E. Specific, Measurable, Achievable, Realistic, Timely.

23. Which of the following is NOT a goal of Data Management? A. Capturing, storing, protecting, and
ensuring the integrity of data assets B. Ensuring the quality of data and information C. Ensuring the
privacy and confidentiality of stakeholder data D. Understanding the process needs of the enterprise E.
Preventing unauthorized access, manipulation, or use of data and information.

24. In the data lifecycle, the DMBoK recommends minimizing ROT data. ROT stands for? A. Data that is
not Relational, Operational, Timely B. Data that is Redundant, Obsolete, Trivial C. Data that is not
Realistic, Ordered, Timely D. Data is Routine, Obsolete, Tiny E. Data that is not Requested, Orchestrated,
Technology supported.
25. Information is: A. Data in context B. A management discipline C. Always stored in a computer
systems D. A byproduct of IT systems.
26. Information needs to be managed because A. It is an asset of the organization B. The volumes are
large C. It contains financial facts D. It is stored in Database systems.
27. Data differs with regards to other assets because A. It uses automation B. It can be used yet still
retain value C. It has value D. It is big E. It is regulated .
29. Which is a valid Environmental component of data management? A. Motivation B. Hardware
Management C. Practices & Tecniques D. Project Management E. Database Management.
30. Which of these is not a Knowledge Area in DMBoK v2? A. Data Governance B. Master & Reference
Data Management C. Data Quality Management D. Data Security Management E. Big Data & Data
Science.
31. The Data Management Body of Knowledge is produced by? A. The Data Analysis Association B. The
Data Practitioner Association C. The Project Management Institute D. The Data Management Authority
E. The Data Management Association.

32. According to the DMBoK, which is not a component of a Data Management strategy? A. Identifying
individuals for Data Management roles B. A compelling vision for Data Management C. Descriptions of
Data Management roles and organizations, along with a summary of their responsibilities and decision
rights D. A summary business case for Data Management with selected examples E. A draft
implementation roadmap with projects and action items.

33. According to the DAMA DMBoK, the Data Governance Council (DGC) is the highest-authority
organization for Data Governance in an organization. Who should typically chair this Council?
A. The Chief Information Officer (CIO)
B. Chief Data Steward (Business)/Chief Data Officer
C. The chair should rotate across Data Owners
D. The Chief Data Architect
E. Any executive/c-level participant in the DGC.

34. What are the primary responsibilities of a data steward? A. A business role appointed to take
responsibility for the quality and use of their organization’s data assets B. Analyzing Data Quality C. The
manager responsible for writing policies and standards that define the Data Management program for
an organization D. Identifying data problems and issues E. The data analyst who is the subject matter
expert (SME) on a set of reference data.
35. Which of these are NOT true of Data Governance? A. DG is a continuous process of data
improvement B. IT is a key stakeholder in DG C. A DG initiative should always be led by the IT
Department D. There are different organization models for DG E. DG is the exercise of authority and
control over the management of data assets.
36. Who is most responsible for communicating and promoting awareness on the value of Data
Governance in the organization? A. Central Communications and Corporate Awareness B. Data stewards
C. The Chief Executive Officer D. Senior Management Executive Forum E. Everyone in the Data
Management community.
37. Communicating the value of Data Governance can be approached in a number of ways. Which of
the following approaches is NOT a recognized way of doing this? A. Providing only negative
communications on ongoing data issues to key executive stakeholders B. Maintaining an intranet
website C. Publishing a regular newsletter via hardcopy or email D. Promoting participation in a DM
forum or community E. Creating a series of “elevator pitches” for the appropriate audience.
38. When considering a Data Governance program, communication is a key element. There are many
ways of managing this communication, with one of the most effective being a Data Management
intranet. Which of the following would you typically NOT put onto such an communication vehicle? A.
Description of the DG organization, its key members, and contact details B. Executive message regarding
significant Data Management issues C. The Data steward team profiles D. Raw data results of an
investigation into a possible data privacy breach E. Link to a “raise an issue” log.
39. How do Data Management professionals maintain commitment of key stakeholders to the Data
Management initiative? A. Weekly email reports showing metrics on Data Management progress or lack
thereof B. Rely on the stakeholder group to be self-sustaining C. It is not necessary, as the stakeholders
signed up at the beginning of the program D. Continuous communication, education, and promotion of
the importance and value of data and information assets.9
40. Data standards used by the enterprise must? A. Promote consistent results but periodically be
reviewed and updated B. Promote consistent results so they are only written once and never updated C.
Be a guideline for the organization but open to the interpretation D. Set by a standards organization and
not by the enterprise E. Only be necessary for the Data Governance team.

41. When new governmental and industry regulations are formulated and enacted, Data Governance
plays a key role in the process of identifying the data and information components for compliance. What
is the most important role in any regulatory compliance project? A. Working with business and technical
leadership to find the best answers to a standard set of regulatory compliance questions (How, Why,
When, etc…) B. Provide access to any possible data set to the compliance team and allow them to mine
the data for non-compliance C. Work in isolation and mine the data and information for compliance and
non-compliance issues D. Create a Data Governance “in-house” project with a team of Data Stewards to
create a standard response E. Take no part in any project at all, declaring it an audit and risk project.
42. The Data Governance Steering Committee is best described as?
A. The community of interest focused on specific subject areas or projects
B. The local or divisional council working under auspices of the CDO
C. The representatives of data use on project steering committees
D. A burden to the agile delivery in a modern enterprise
E. The primary and highest authority responsible for the oversight and support of Data Governance
activities.
43. The right to be forgotten is? A. A person’s right to have all their information erased from an
organization B. A person’s right to have imperfect memory C. A person’s right for all search criteria not
to lead to their details D. A person’s right to have their information removed from all databases on earth
E. A person’s right to change their name.
44. Data Quality rules and standards are a form of data. To be effective, they need to be managed as
data and rules should be ___________? A. Managed outside of the repository and only the results of
Data Quality assessments stored as rules metadata B. Organized with metrics so the data stewards can
review the data and see what rules apply C. Documented consistently, tied to business impact, backed
by data analysis, and assessible to all data consumers D. Focused on managing relationships that have
gone wrong in the past and may go wrong in the future E. Focused on rules that can be integrated into
application services.
45. What area do you not consider when developing a Data Governance Operating Model? A. The value
of data to the organization B. The business model – decentralized versus centralized C. Cultural factors
such as acceptance of discipline and adaptability to change D. The availability of industry data models E.
Impact of regulation.

46. For countries, is there an internationally recognized set of codes to use? A. No, you should use
whatever your organization wants to use B. Yes, the standards set are the codes used by your country’s
postal service C. No, organizations should develop their own set of codes to use because the data is used
internally D. Yes, ISO 3166 is the internationally standardized set of codes used by most organizations E.
No, there is no internationally recognized set of codes because each country wants to develop their
own.

48. Every enterprise is subject to many governmental and industry regulations, many of which regulate
how data and information are used and managed. Part of the Data Governance function is to: A. Enforce
enterprise-wide mandatory compliance to regulations B. Monitor and ensure that organizations meet
any regulatory compliance requirements C. This is a risk and audit responsibility; Data Governance plays
no role in this D. Perform ad-hoc audits of possible regulations to report to the Data Governance Council
on an information-only basis E. This is about data. Data Governance is accountable for the whole
process, with risk and audit reporting to Data Governance.
49. What organization structure should set the overall direction for Data Governance? A. Data Quality
Board B. Data Governance Office C. Data Governance Council D. IT Leadership Team E. PMO.
50. Data Governance touchpoints throughout the project lifecycle are facilitated by this organization? A.
The Project Management Office B. The Master Data Office C. The Data Stewards Office D. The Data
Governance Office E. The Data Governance Steering Committee.
51. In the Information Management Lifecycle, the Data Governance activity "Define the Data
Governance Framework" is in which Lifecycle stage? A. Specify B. Enable C. Create and aquire D. Plan E.
Maintain and use.
52. As part of the reference Data Stewardship process, it is helpful to capture basic data about each
reference data set. Which answer best describes which data should be captured? A. Enterprise
Architecture, programming logic, workflows, and ETL relating to any reference data B. Steward name,
originating organization, expected frequency of updates, and processes using the reference data C.
Maturity models that access the organization’s readiness to accept Data Governance D. The names of
everyone who is a business or technical user of the reference data E. Metrics to quantify reference
data’s value to the organization.

53. Data for big data ingestion can also be called the data lake. This needs to be carefully managed or
the data lake will become? A. An organizational statistic B. A biased report C. A level of data not usable
by data scientists D. A data model E. A data swamp.

54. Obfuscation or redaction of data is the practice of? A. Making information available to the public B.
Reducing the size of large databases C. Selling data D. Organizing data into meaningful groups E. Making
information anonymous or removing sensitive information.
55. Which of these is NOT a standard motivation for Data Governance? A. Pre-emptive governance B.
Proactive governance C. Reactive governance D. Decentralised Governance E. Devolved Governance.
56. Information needs to be managed because A. It is an asset of the organization B. The volumes are
large C. It contains financial facts D. It is stored in Database systems.

57. The Information Lifecycle

A. Has the same stages as the Systems Delivery Lifecycle
B. Is used primarily for Data archiving
C. Is only important in regulated industries
D. Exists beyond the Systems Delivery Lifecycle
E. Is not relevant in an Agile environment.

58. Information Governance and Data Governance should be? A. Managed as a single function B.
Managed as separate functions C. Managed as integrated functions, with Data Governance reporting to
Information Governance D. Managed as integrated functions, with Information Governance reporting to
Data Governance E. Managed by the Chief Information Office.
59. In the common enterprise architecture model coded BIAT, the 'I' stands forA. Information B.
Integration C. Interoperability D. Instance E. Identification.
60. Which of these does NOT characterize an effective data steward? A. Is a recognized subject matter
expert in the data subject area / business domain that he or she is responsible for B. He / She is an
effective communicator C. He / She works collaboratively across the organization with data stakeholders
and other identifying data problems and issues D. He / She works in association with the Data Owner to
protect and enhance the data assets under his or her control E. Is a highly experienced technical expert
in a variety of data management disciplines & tools.

61. Why is Data Management so important for organizations today? A. The increase in data volumes B.
New product developments C. Tighter regulations across many industries D. To have a competitive
andvantage E. All of the above F. All but D.
62. Increased agility and capability to respond to change and events faster through a joint understanding
across users and IT is a central part of well-executed Data Management.
A. True
B. False.

63. Data Management is at the center of the DMBoK wheel, while Data Governance is one of the spokes
of the wheel
A. True
B. False.

64. What is true with regard to the information presented in the DMBoK?
A. Data Management exists within a vacuum
B. It’s not just about technology
C. Many environmental elements cross all of the disciplines
D. Organization and culture play an important part
E. All but A are correct
F. All the above.

65. What is an Architecture Domain in TOGAF®? A. Business Architecture B. Data Architecture C.

Application Architecture D. Technology Architecture E. All of the above F. All but A.

66. Which statement is correct?

A. Data Governance should not be embedded within broader governance frameworks
B. Data Management is designed to “govern” Data Governance practices
C. Data Governance is informed by the Enterprise Information Architecture
D. All are correct
E. None are correct.

67. When working on a maturity assessment, the lowest level is “Emerging or Repeatable.” A. True B.
False.

69. Data is an asset, but it differs from other assets and had to be managed carefully. Some of its unique
properties are A. It is volatile, variable and volumous. B. It is tangible and durable, easy to copy and
transport.. C. It is easy to reproduce if it is stolen, and must be accounted for on the balance sheet. D. It
may be used by multiple people or systems at the same time, but this decreases its value. E. It is not
consumed when it is used, it does not wear out, and can be stolen, but not gone.

70. What is NOT an approach to calculating the financial value of data? A. Impact to the organisation if
the data were missing B. Cost of risk mitigation and potential cost of risks associated with data C. The
salaries of the data people D. Cost of obtaining and storing data E. Cost of replacing data if it were lost.
71. What is the type of data required to manage data as an asset, which describes what data the
oranisation has, and which is embedded in data archetecture, data models, data security requirements
and data standards?
A. Reference Data
B. Business Data
C. Metadata
D. Operational Data
E. Master Data.

72. What perspective refers to data as one of the "horizontals" of an organisation? A. Enterprise B.
Business C. Siloed D. Information Technology E. Governance.
73. The relationship between Data Management and Technology is such that A. Data Management
decisions drive Business decisions B. Business decisions drive Data Management decisions C.
Information Technology decisions must drive Data Management decisions. D. Data Management
decisions must drive Information Technology decisions E. There is no relationship.
76. A Data management effort needs to focus on A. All the data in the enterprise B. Financial data C. The
most critical data D. Master Data E. Metadata.

77. Which DM Deliverable documents overall vision, business case, goals, principles, measures of
success, risks and the operating model?
A. Data Management Framework
B. Data Management Scope Statement
C. Data Management Proposal
D. Data Management Charter
E. Data Management Implementation Roadmap.

79. Why is Data Governance in the centre of the DAMA Wheel? A. Data Governance is responsible for
Data Management B. Data governance is the most important Knowledge Area C. Data Governance
affects all the Knowledge Areas D. Governance is in the centre for consistency within and balance
between the Knowledge Areas E. No reason in particular.
80. The four activity categories in the context diagram are: A. Planning, Oversight, Design, Current B.
Plan, Design & Enable, Create/Obtain, Store/Maintain, Use, Enhance, Dispose of C. Act, Plan, Monitor,
Deploy D. Plan, do, check, act E.Planning, Control, Development, Operations.
81. In the DAMA Functional Area Dependencies which is the most dependent knowledge area? A.
Master Data B. Metadata C. Business Intelligence and Analytics D. Data Integration and Interoperability
E. Data Quality.

82. What is the difference between data and information? A. Definition is up to individual organizations.
Throughout the DMBOK the terms are used interchangeably B. Data is only stored in digital form,
information can be found on any medium C. Information is always data with metadata D. Data is raw,
Information is data with context E. Data is a form of information but information is not a form of data.
83. Which of these are increasingly driving legislation for information security and data privacy?
A. A desire for economic protectionism
B. A recognition of Ethical issues in information management
C. A resistance to open data and transparency
D. An objective of making life more challenging for information management professionals
E. GDPR.

84. Ignoring the requirement that the sum of numbers representing percentages on a pie chart must
add up to 100 is an example of which unethical data handling practice? A. Timing manipulation B.
Misleading visualisations C. Incomplete definitions D. Biased use of data collected E. Invalid comparison.

85. What are the three principles of data ethics as laid out in the Belmont Report? A. Consent, Accuracy
and Openness B. Respect for Persons, Beneficence, Justice C. Notice/Awareness, Choice/Consent,
Access/Participation D. Storage Limitation, Integrity and Confidentiality, Accountability E. Purpose
Limitation, Data Minimisation, Accuracy.

86. Which GDPR principle states that "Personal data must be adequate, relevant and limited to what is
necessary in relation to the purposes for which they are processed"? A. Accountability B. Data
Minimisation C. Purpose Limitation D. Integrity and Confidentiality E. Storage Limitation.

87. An insurance company installs trackers in cars to encourage good driving. The clients agree. The
insurance company has a life insurance division which decides to use that data to monitor its client's
lifestyles, unbeknown to them. Which GDPR principle does this violate? A. Data Minimisation B. Purpose
Limitation C. Integrity and Confidentiality D. Accountability E. Storage Limitation.

88. Data Collection to produce results to reach a pre-defined conclusion is an example of: A. Bias B. Data
analysis C. Serendipity D. Planning E. Synchronicity.
89. Part of the activity "perform readiness assessment" is a measurement of current data management
capabilities and capacity. This assessment is called
A. Collaborative Readiness Assessment
B. Capacity to Change Assessment
C. Data Quality Maturity Assessment
D. Data Management Maturity Assessment
E. Data Management Readiness Assessment.

90. What are organisational touch points for Data Governance work? A. An business area, outside the
direct authority of the CDO, where enterprise data governance and data management can be applied. B.
An area where sensitive data may be exposed by an organisational business process. C. An area of
interest which the CDO would like to control. D. An area where good collaboration between business
and data is traditionally lacking. E. An business area, under direct authority of the CDO, where enterprise
data governance and data management can be applied.

91. Which Data Governance deliverable of the activity "Develop the Data Governance Strategy"
identifies the business drivers, vision, mission and principles for data governance"? A. Operating
Framework B. The Charter C. Operations Plan D. Implementation Roadmap E. Data Strategy.

92. Which Data Stewards have oversight of a data domain across business functions?
A. Domain Data Stewards
B. Enterprise Data Stewards
C. Business Data Stewards
D. Coordinating Data Stewards
E. Technical Data Stewards.

93. What artefacts describe how to do Data Govenrance? A. Data Procedures B. Data Principles C.
Business Rules D. Data Strategies E. Data Policies.
94. Regulatory complance is often the initial reason for implementing Data Governance. What is Data
Governance's role when faced with data-related reguations?
A. This is the legal department's responsibility. Data Governance plays no role.
B. To monitor and enforce regulatory compliance.
C. Guides the imlpemetation of adequate controls to monitor and document compliance.
D. This is IT's responsibility. Data Governance plays no role.
E. Communicate the requirements to the data owners as they are responsible for their own data.
95. What is the main purpose of Data Governance?
A. To ensure that data is managed properly, according to policies and procedures.
B. Providing solution to data related problems.
C. Ensuring the entire organisation complies with regulations.
D. To enforce data management throughout the organisation.
E. To ensure IT aligns with Business Strategy.

96. The highest authority Data Governance body responsible for funding of Data Governance initiatives.
A. Data Governance Steering Committee B. Enterprise Information Management Committtee C. Data
Governance Office D. Executive Council E. Data Governance Council.
97. What do we understand by a data centric organisation?
A. A data-centric organisation values data as an asset which is no longer treated as a by-product of
business processes and applications.
B. All data decisions in a data-centric organisatio are led by IT.
C. A data-centric organisation is data driven
D. A data-centric organisation is always at Level 5 on the DMMA
E. A data-centric organisation collects and sells data.
98. The type of Data Governance Operating Model where one Data Governance organisation
coordinates with multiple business units to maintain consistent definitions and standards. A. Federated
B. Centralised C. Hybrid D. Decentralised E. Network.

99. Who is responsible for creating and managing core Metadata, including the Business Glossary? A.
Data owners B. Tool vendors C. Data Stewards D. Developers E. Database Administrators.

100. The principles of Information Asset Valuation Translated from accounting. A. GAIP B. GAAP C. GAAV
D. GARP E. GAVP.

101. Who is responsible for Data Governance issue resolution at the tactical and operational level? A.
Data Stewardship Teams B. Data Governance Steering Committee C. Data Quality Analysts D. Data
Governance Council E. Business Users.
102. Who is responsible for refining Data Policies? A. Data Users B. Business Policy Staff C. Data
Stewards and Management D. Data Governance Council E. Data Management Professionals.
103. Which Data Governance deliverable improves the alignment between technology assets and the
business organisation? A. Data Dictionary B. Data Strategy C. Business Glossary D. Communications Plan
E. Data Governance Strategy.
98. Every enterprise is subject to many governmental and industry regulations, many of which regulate
how data and information is used and managed. Part of the Data Governance Function is to: A. Monitor
and ensure that organisations meet any regulatory compliance requirements B. This is about data; Data
Governance is accountable for the whole process, with Risk and Audit reporting to DG C. This is a risk
and audit responsibility; Data Governance plays no role in this D. Perform ad-hoc audits of possible
regulations to report to the DG Council on an information only basis E. Enforce enterprise-wide
mandatory compliance to regulations.

1. The implementation of a Data Warehouse should follow these guiding principles: A. Managing
performance of data assets B. Start with the end in mind C. Managing the availability of data throughout
the data lifecycle D. Focus on the business goals E. Collaborate F. Managing the performance of data
transactions.

99. DBAs and database architects combine their knowledge of available tools with the business
requirements in order to suggest the best possible application of technology to meet organizational
goals. A. FALSE B. TRUE.

100. Valuation information, as an example of data enrichment, is for asset valuation, inventory and sale.
A. TRUE B. FALSE.

101. Technical metadata describes details of the processing and accessing of data. A. TRUE B. FALSE.

102. The load step of the ETL is physically storing or presenting the results of the transformation into the
source system. A. TRUE B. FALSE.

103. ECM is an abbreviation for: A. Enterprise content management B. Enterprise compliance manager
C. Enterprise compliance management D. Enterprise component management.

2. The goals of data security include: A. Managing performance of data assets B. Ensure that the privacy
and confidentiality needs of all stakeholders are enforced and audited C. Managing the availability of
data throughout the data lifecycle D. Understand and comply with all relevant regulations and policies
for privacy and confidentiality E. Enable appropriate access to enterprise data assets F. Managing the
performance of data transactions.
3. Triplestores can be classified into these categories: A. NoSQL triplestores B. RDMS-backed triplestores
C. MapReduce triplestores D. None of the above E. All of the above F. Native triplestores.

104. The Data Model Scorecard provides 10 data model quality metrics A. TRUE B. FALSE.

105.The most important reason to implement operational data quality measurements is to inform data
consumers about levels of data effectiveness. A. TRUE B. FALSE.
106. Data security internal audits ensure data security and regulatory compliance policies are followed
should be conducted regularly and consistently. A. TRUE B. FALSE.

107. In a SQL injection attack, a perpetrator inserts authorized database statements into a vulnerable
SQL data channel, such as a stored procedure. A. TRUE B. FALSE.
108. The acronym CMDB stands for:
A. Classic monitoring technologies or databases
3B. Cached management technologies or databases
D. Cached management tools or databases
E. Classic management technologies or databases
F. Customization management tools or databases.

109. Self-service is a fundamental delivery channel in the BI portfolio. A. TRUE B. FALSE.

4. The first two steps in the data science process are: A. Define Big Data data strategy & Business
Need(s) B. Acquire & Ingest Data source(s) C. Choose Data Sources D. Develop Data Science Hypotheses
and Mehods.
110. Please select the correct name for the PDM abbreviation when referring to modelling. A. Physical
Dimension Model B. Photo Dimensional Model C. Physical Data Model D. Probabilistic Dimension Model
E. Photo Data Model F. None of the above.

111. The biggest business driver for developing organizational capabilities around Big Data and Data
Science is the desire to find and act on business opportunities that may be discovered through data sets
generated through a diversified range of processes. A. TRUE B. FALSE.

112. SDLC stands for:

A. System and design long cycle
B. System design lifecycle
C. System development leverage cycle
D. System development lifecycle.

113. A synonym for transformation in ETL is mapping. Mapping is the process of developing the lookup
matrix from source to target structures, but not the result of the process.
A. TRUE
B. FALSE.
114. The deliverables in the data architecture context diagram include: A. Data flows B. None of the
above C. All of the above D. Data Value Chains E. Enterprise data F. Implementation roadmap. 5. Barriers
to effective management of data quality include: A. None of the above B. Lack of awareness on the part
of leadership and staff C. Inappropriate or ineffective instruments to measure value D. Lack of leadership
and management E. Difficulty in justification of improvements F. Lack of business governance.
6. Sample value metrics for a data governance program include: A. Effectiveness of communication B.
Reduction of risk C. Improved efficiency in operations D. Effectiveness of education E. Achievements of
goals and objectives F. Contributions to business objectives.

7. The impact of the changes from new volatile data must be isolated from the bulk of the historical,
non-volatile DW dat a. There are three main approaches, including: A. Trickle Feeds B. Streaming C. Data
D. Messaging E. Technology F. All of the above.
115. Data Integration and Interoperability (DII) describes processes related to the movement and
consolidation of data within and between data stores, applications and organizations. A. TRUE B. FALSE.
116. A communication plan includes an engagement model for stakeholders, the type of information to
be shared, and the schedule for sharing information. A. TRUE B. FALSE.
8. Issues caused by data entry processes include: A. List entry replacement B. Software issues C.
Inconsistent business process execution D. Soft state issues E. Change to business processes F. Training
issues.
117. An application DBA leads the review and administration of procedural database objects. A. TRUE B.
FALSE.

9. A Metadata repository contains information about the data in an organization, including: A. Business
rules for managing data B. None of the above C. Content D. Data structure E. Warped F. Hierarchical.

118. Reference data management entails the preventative maintenance of undefined domain values,
definitions and the relationship within and across domain values. A. TRUE B. FALSE.

10. Through similarity analysis, slight variation in data can be recognized and data values can be
consolidated. Two basic approaches, which can be used together, are: A. Probabilistic B. Realistic C.
Procedural D. Deterministic E. Opportunistic F. All of the above.

119. Drivers for data governance most often focus on reducing risk or improving processes. Please select
the elements that relate to the improvement of processes: A. Regulatory compliance B. Data quality
improvements C. All of the above D. Vendor management E. Metadata management F. Efficiency in
development projects.
120. One of the deliverables in the Data Integration and Interoperability context diagram is: A. Data
security plan B. Data access agreements C. Data Integration and Interoperability Strategy D. Data
hogging.

121. Vulnerability is defined as: A. a patch in a system that allows it to be successfully unpatched and
compromised. B. a weakness or defect in a system that allows it to be successfully attacked and
compromised. C. a strength in a system that allows external stakeholders to view data records. D. being
highly data risk rated.

11. Business glossaries have the following objectives: A. Improve the alignment between technology
assets and the business organization B. All of the above C. Cultural factors that might improve the
concepts and terminology D. Reduce the risk that data will be misused due to inconsistent
understanding of the business concepts. E. Enable common understanding of the core business concepts
and terminology F. Maximise search capability and enable access to documented institutional
knowledge.
122. In gathering requirements for DW/BI projects, begin with the data goals and strategies first. A.
TRUE B. FALSE.

12. Typically, DW/BI projects have three concurrent development tracks, including: A. Messaging B. BI
Tools C. Streaming D. Trickle Feeds E. Technology F. Data.

123. In an information management context, the short-term wins and goals often arise from the
resolution of an identified problem. A. TRUE B. FALSE.

124. A 'Golden Record' means that it is always a 100% complete and accurate representation of all
entities within the organization. A. TRUE B. FALSE.
125. Data Warehouse describes the operational extract, cleansing, transformation, control and load
processes that maintain the data in a data warehouse.
A. TRUE
B. FALSE.

126. Access to data for Multidimensional databases use a variant of SQL called MDX or Multidimensional
expression. A. TRUE B. FALSE.

127. Integration of ETL data flows will usually be developed within tools specialised to manage those
flows in a proprietary way. A. TRUE B. FALSE.

128. Those responsible for the data-sharing environment have an obligation to downstream data
consumers to provide high quality data. A. TRUE B. FALSE.
13. The categories of the Data Model Scorecard with the highest weightings include: A. How structurally
sound is the model? B. How complete is the model? C. None of the above D. How good are the
definitions? E. All of the above F. How well does the model capture the requirements?.

129. Factors that have shown to play a key role in the success in the success of effective data
management organizations does not include: A. Leadership alignment B. Orientation and training C. IT
sponsorship D. Clear vision.
130. Data flows can be represented by? A. Two-dimensional matrices showing the relationships
between data entities and business processes B. Two-dimensional matrices showing the relationships
between data users and business processes C. Two-dimensional matrices showing the relationships
between data users and data consumers D. Two-dimensional matrices showing the relationships
between data facts and data dimensions E. Two-dimensional matrices showing the relationships
between data entities and data quality.

131. Preparation and operational activities associated with data interchange include? A. Specification for
dataset creation B. Design, build, and test of dataset creation C. Specification and design of operational
process D. Operation E. All of the above F. None of the above.

132. Critical data interchanges are involved in? A. RRP submissions to a regulator B. Issue of contracts
and ITTs for bidding C. Business specific information published to the organization web pages D. GIS
datasets published to support safety checks before operational digging E. All of the above F. None of the
above.

133. When a project specification is reviewed by the enterprise data architect, which of the following is
not a consideration? A. Wheter enterprise-wide entities conform to agreed standards B. What entities in
the requirements should be included back into the overall enterprise Data Architecture C. Whether
entities on invididual screens and reports align with the database D. Whether entities and definitions
need to be generalized or improved to handle future trends E. Whether to reuse existing or develop new
data delivery architectures .

134. An enterprise data model would be composed of? A. Conceptual models, logical models, and
physical models B. Conceptual models, subject area models, and logical models C. Logical models,
physical models, and infrastructure models D. Conceptual models, star schema models, and interface
models E. Enterprise models, data models, and compositional models.

135. The role of the Physical data model in the Metadata repository is: A. Which version of COTS
software (E.g. SAP) is implemented B. To describe how and where our data is stored on our systems
applications or packages C. What the business definition of data concepts is D. How many master data
records are stored in our MDM system E. When the duplicated records were merged.

136. The role of the Conceptual data model in the Metadata repository is: A. To determine the primary,
alternate and foreign keys of entities B. To summarize the key data subjects areas for a business area at
a high level of abstraction to enable the major data concepts to be understood C. To agree the
cardinality and optionally of relationships between all entities D. All of these E. None of these.

137. Updating the Metadata repository is a recommended activity during project close out in the SDLC:
A. True B. False.

138. What type of Meta-Data provides developers and administrators with knowledge and information
about systems? A. Unstructured Meta-Data B. Process Meta-Data C. Business Meta-Data D. Data
Stewardship Meta-Data E. Technical Operational Meta-Data.

139. These are examples of which type of Meta-Data: Data Stores & Data Involved, Government/
Regulatory Bodies; Roles & Responsibilities; Process Dependencies and Decomposition: A. Technical
Meta-Data B. Business Meta-Data C. Process Meta-Data D. Data Stewardship Meta-Data E. Operational
Meta-Data.
140. Which of the following is a Meta-Data scheme focused specifically on documents? A. Administrative
Meta-Data B. Structural Meta-Data C. Descriptive Meta-Data D. Preservation Meta-Data E. Business
Meta-Data.
141. Which of the following contain metrics associated with Meta-Data Management: A. Steward
Representation / Coverage; Meta-Data Repository Availability; Meta-Data Management Maturity B.
Meta-Data Management Maturity; No. Of Data Stewards; No. Of Meta-Data Attributes Listed C. Steward
Representation / Coverage; Meta-Data Repository Availability; No. External Reference Data Sources D.
Meta-Data Repository Availability; No. Data Governance Meetings held annually; No. Meta-Data
Repositories.
142. Are the ISO (International Standards Organization) codes for countries and languages
interchangeable? A. Yes, the two codes were developed together so that organizations would only have
to worry about one set of codes B. Yes, the codes can be interchanged unless more than one language is
the “official” language of a country C. No, the two codes were developed independently and there was
no attempt to use the same code for language as for a country D. No, because there are more languages
than countries E. No because one uses four digits and one uses five digits for the code.

143. Business drivers for managing metadata include the following? A. Provide a starting point for
customization, integration, or even replacement of an application B. Translate business needs into data
and system requirements so that processes consistently have the data they require C. Strategically
prepare organizations to quickly evolve their products, services, and data to take advantage of business
opportunities inherent in emerging tecnologies D. Reduce data-oriented research time, improve
communication between data consumers and IT professionals, and improve time-to-market by reducing
system development life-cycle time E. Meet data requirements for multiple initiatives and reduce the
risk and costs of data integration through the use of consistent reference data.

144. The number of artifacts that must be searched in the metadata repository for all business change
projects are? A. Conceptual data models and the business data glossary must be examined B.
Conceptual, logical, and physical models must be examined C. There is no mandatory number of
artefacts to be searched buti t is highly recommended that the library is examined D. The business data
glossary and data dictionary must be examined E. The business data glossary and systems inventory
must be consulted. 145. By setting, enforcing, and auditing metadata standards, organizations hope to?
A. Ease of understanding data dictionaries B. Simplify integration and enable use C. Provide activities for
the Data Governance office D. Ensure the appropriate classification or meta-metadata E. Standardize
business rules in operational processes.

146. As part of the Reference Data Stewardship process, it is helpful to capture basic metadata about
each reference data set. Which answer best describes which data should be captured? A. Enterprise
Architecture, programming logic, workflows, and ETL relating to any reference data B. Steward name,
originating organization, expected frequency of updates, and processes using the reference data C.
Maturity models that access the organization’s readiness to accept Data Governance D. The names of
everyone who is a business or technical use of the reference data E. Metrics to quantify reference data’s
value to the organization.

147. Where is the best place to find the following metadata: database table names, column names, and
indexes? A. Logical data model B. Enterprise data model C. Database catalog D. Detailed business
processes E. Security access authorization.

148. An organization's data model contains information (metadata) about which of the following? A.
Information an organization is interested in B. All information available both inside and outside the
organization C. Information about physical attributes D. Only the information needed for Data
Governance E. Surrogate keys.

149. What is the difference between an industry and a consensus meta-data standard? A. Industry
standards refer to internationally approved global standards such as ISO whereas consensus standards
refer to those agreed to within an organization B. Consensus standards are formed by an international
panel of experts whereas industry standards are dictated by a panel of vendors C. Industry standards are
determined by regulators within a given global region and consensus standards are agreed on by the
Data Governance Council within an organization D. The terms are used interchangeably to describe the
same concept.

150. Discovering and documenting metadata about physical data assets provides? A. Information on
how data is transformed as it moves between systems B. An estimation of balance sheet value of
enterprise data C. Scoping boundaries of the data dictionary D. Effective project scope management E.
Insights into the temporal data quality.

151. The ISO metadata registry standard that provides a framework for defining a metadata registry is?
A. ISO 9001 B. ISO 4590 C. ISO 4-20-99 D. ISO / IEC 11179 E. ISO MD 1.

152. Data provenance and data lineage are examples of? A. Technical metadata B. Business metadata C.
Operational metadata D. Strategic metadata E. Industry metadata.
153. We would expect to consult the Metadata Library when:
A. Assessing the impact of change
B. Formulating a Governance policy
C. Implementing a Data Quality tool
D. Selecting a Data Storage device
E. Accessing the internet.
154. To which of the following initiatives was the establishment of an industry Meta-Data Standard
essential? A. Internet Protocols B. EDI C. Proprietary XML D. JSON E. BASEL II/SOX.

155. We do not expect to consult the MetaData repository when: A. Investigating a data issue B.
Updating the operating system that the Master Data management toolset is running on C. Undertaking a
data quality assessment D. Assessing the impact of change E. None of these.

156. The MetaData repository enables us to establish multiple perspectives of data. These are: A. 3rd
normal form and un normalised B. Business and Technical Perspective C. Structured and Unstructured D.
Internal and External E. Dimensional and non dimensional perspective.
157. What would you not expect to find in the MetaData repository?
A. Data Lineage diagrams and models
B. Data storage devices
C. Data Requirements
D. Data Models
E. Data Dictionary.

158. A business perspective product in the MetaData repository is: A. ETL flow B. Systems Inventory C.
Data Dictionary D. Physical Data Model E. Data Glossary.

159. The library of information about our data (our metadata) is built so that: A. We can have a shared
formalized view of requirements (e.g. what data quality we need) B. We can better understand it C. We
can be consistent in our use of terminology D. We can better manage it E. All of these.

160. Which of these statements are true about Metadata? A. The repository is always a decentralized
architecture B. The repository is always a centralized architecture C. A Metadata repository and a
Glossary are synonyms D. Data models are components of a Metadata repository E. The repository is
always a hybrid architecture.

161. The key architecture domains include: A. Zachman, TOGAF, COBIT, and Health architectures B.
business, strategy, application, and technology architectures C. business, data, infrastructure, and
technology architectures D. business, data, application, and technology architectures E. process,
database, software, and technology architectures.

162. The implementation of data architecture exposes the transformation of data as it moves across the
landscape. A common name for this concept is: A. data discovery B. data interfacing C. extract,
transformation and load D. data modeling E. data lineage.
163. A data architect is best deployed: A. during the early stages of a project to define and shape a
strategic solution B. after the project completes to identify weaknesses and lessons learned C. by project
managers to sign off all data deliverables D. to manage the delivery of all the data aspects of a program
E. to build the database solution.
164. The goal of Data Architecture is to be? A. A bridge between technology strategy and database
desing B. A bridge between business analysis and data modeling C. A bridge between business execution
and technology strategy D. A bridge between business strategy and technology execution E. A bridge too
far.

165. A Data Architecture team is best described as? A. A well-managed project of architectural
development B. A group of strong database administrators C. An operational data provisioning group D.
The authors of reference data E. A strategic planning and compliance team.

166. The necessity of representing organizational data at different levels of abstraction is? A. Because
most organizations have more data than individual people can comprehend, understand, and make
decisions about B. Because most organizations need to accomodate the different points of view of
information Architecture and Data Architecture C. Because most architectures want to deploy a
complete suite of drawings for project deliverables D. Because most database administrators need
specifications to build databases with appropriate response times E. Because most Chied Data Officers
don’t have the technical background to be held accountable for complex data diagrams.

167. Identify who has primary responsibility for data capture and usage design within programs. A.
Software Architects, Developers B. Data Architects, Data Analysts, Database Administrators C. DM
Executives, BI Analysts, Data Security Administrator D. Business Data Stewards, Subject Matter Experts
(SMEs) E. Suppliers, Consumers.

168. A CRUD matrix helps organisations map responsibilities for data changes in the business process
work flow. CRUD stands for A. Cost, Revenue, Uplift, Depreciate B. Create, Review, Use, Destroy C.
Confidential, Restricted, Unclassified, Destroy D. Create, Read, Update, Delete E. Create, React, Utilise,
Delegate.

169. A data lineage tool enables a user to: A. Line up the data to support sophisticated glossary
management B. Visualize how the data gets to the data lake C. Track the historical changes to a data
value D. Enables rapid development of dashboard reporting E. Track the data from source system to a
target database; understanding its transformations.
170. What is NOT a goal of Metadata Management? A. Provide organizational understanding of business
terms and usage B. Build and maintain the environment and infrastructure to support business
intelligence activity C. Collect and integrate metadata from diverse sources D. Ensure metadata quality
and security E. All are goals.
171. What kind of metadata architecture is a single access point where the metadata retrieval engine
responds to user requests by retrieving data from source systems in real-time, where there is no
persistent repository?
A. Centralized
B. Hybrid
C. Distributed
D. Command.

172. Which Enterprise Architecture Framework defines artifacts in a 6 x 6 matrix, with interrogatives
(what, how, where, etc.) as columns and stakeholder perspectives (executive, business, architect, etc.)
as rows? It is an ontology, not a methodology, for enterprise architecture? A. TOGAF B. FEAF C. Zachman
D. Kimball.

173. The Business Architecture defines the major kinds of application systems necessary to process the
data and support the business. A. True B. False.

174. Which ontology is a 6x6 matrix showing what models should exist? A. DAMA-DMBOK Framework B.
Zachman Framework C. Business Glossary D. IEEE Computer Society Model E. Common Enterprise
Architecture Framework.
175. Under which Enterprise Architecture Domain does Data Security Architecture fall?
A. Enterprise Technology Architecture
B. Enterprise Business Architecture
C. Enterprise Data Architecture
D. Enterprise Applications Architecture
E. Enterprise Solutions Architecture.

176. What type of data model defines the business entities and the relationships between these
business entities? A. Conceptual Data Model B. Logical Data Model C. Physical Data Model D.
Dimensional Data Model E. Canonical Data Model.

177. In the Zachman Framework the rows are known as Reification Transformations and represent the
stems necessary to instantiate an abstract idea. "Clarification of the relationships between business
concepts" is which perspective? A. Engineer B. Business Management C. Architect D. Enterprise E.
Executive.
178. Why is Data Architecture most valuable when it supports the needs of the entire enterprise? A.
Enterprise Data Architecture is mandatory for all regulatory compliance. B. It is more cost efficient to
have one central Data Architecture team for the enterprise. C. It is impossible to integrate data without
Enterprise Data Architecture D. Enterprise Data Architecture enables consistent data standardisation
and integration across the entrprise. E. Enterprise Data Architecture enforces the use of standards.

179. Which Enterprise Architecture Domain establishes the requirements for the other domains? A.
Enterprise Data Architecture B. Enterprise Applications Architecture C. Enterprise Technology
Architecture D. Enterprise Solutions Architecture E. Enterprise Business Architecture.

180. Data must be represented at different levels of abstraction to be understood. These are: A.
Conceptual, Logical, Physical B. High, Medium, Low C. Data Set, Data Record, Data Element D. Narrow,
Wide, Deep E. Subject area, Conceptual, Logical.

181. Which artefact is the highest level of abstraction in the Enterprise Data Model? A. Subject Area
model B. Systems Portfolio Model C. Top-level Process Model D. Conceptual Model E. Data Ownership
Model.

182. In the Zachman Framework Which column refers to Goals, Strategies and Means? A. When? B.
Why? C. What? D. Where? E. How?.

183. The Enterprise IT BoK describes the BIAT model for Enterprise Architecture. BIAT refers to A. The
Enterprise Architecture Domains: Business, Information/Data, Applications, Technology B. An Enterprise
Architectural framework: Business, Information, Applications and Technology C. An international
standard for Enterprise Architecture. D. A cross-industry regulation: the Business Information
Archtecture Technology Regulation E. Business Intelligence Architectural Technology.

184. Which Enterprise Architecture Domain consists of business systems, software packages and
databases? A. Enterprise Information Area B. Enterprise Applications Architecture C. Enterprise Data
Archirtecture D. Enterprise Business Architecture E. Enterprise Technology Architecture.

185. Who is the ultimate sponsor and approving body for the enterprise data architecture artefacts? A.
The CDO B. The Data Governance Council C. The Board of Directors D. The Data governance Steering
Committee E. The Data Governance Office.

186. Which Knowledge Area can be considered to be the bridge between business strategy and
technology execution? A. Data Modeling and Design B. Data Architecture C. Data Storage and
Operations D. Data Governance E. Data Warehousing and Business Intelligence.

187. What does Subject-orientated mean? A. An enterprise wide view. B. The different knowledge areas
have different orientations C. A model that is organised according to application data requirements D.
Dividing a model into commonly recognised subject areas that span across multiple business processes.
E. Subject oriented is synonymous with siloed.

188. The conceptual Enterprise Data Model may be built using a top-down or bottom up approach.
What is the differece? A. Top-down uses data flows as a starting point, while bottom-up starts with data
lineage. B. Top-down starts with industry standard models. Bottom-up requires a subject area
discriminator. C. Top-down and bottom-up are two sides of the same coin. D. Top-down starts with
subject areas and populating them with models. Bottom-up is based on existing data models. E. Bottom-
up starts with subject areas and populating them with models. Top-down is based on existing data
models.

189. What type of architecture role describes the structure and functionality of applications in an
enterprise? A. Systems Architect B. Solutions Architect C. Applications Architect D. Technical Architect E.
Data Architect.

190. The Subject Area discriminator is the principles that form the Subject Area structure. Which is NOT
a valid Subject area discriminator? A. Business Capabilities B. Organisational structure C. Top level
processes based on business value chains D. Portfolios and funding E. Data Governance structure and
data ownership.

191. The deliverable, Data Value Chain, is aligned to which Business Architecture artefact? A. Data
Strategy B. Business Models C. Business Value Stream D. Business Capabiities E. Business Events.

192. How many Perspectives are there in the Zachman framework? A. 12 B. 36 C. 6 D. 1 E. 3.

193. Who is commonly known as the father of enterprise architecture? A. Ralph Kimball B. John
Zachman C. Bill Inmon D. Steve Hoberman E. Robert Abate.

194. What type of architecture role describes the structure and functionality of applications in an
enterprise? A. Data Architect B. Systems Architect C. Solutions Architect D. Applications Architect E.
Technical Architect.

195. Which archetectural artefact documents relationships between data and applications within a
business process, data stores and business roles? A. Data value chain B. The conceptual enterprise data
model C. The logical enterprise data model D. Data lineage E. Data Flow.
196. The Subject Area discriminator is the set of principles that form the Subject Area structure. Which is
NOT a valid Subject area discriminator? A. Business Capabilities B. Organisational structure C. Top level
processes based on business value chains D. Portfolios and funding structure E. Data Governance
structure and data ownership.
197. Which Data Architecture artefact contains the names of key business entities, their realtionships,
critical guiding business rules and critical attributes? A. Enterprise Semantic Model B. Enterprise
Business Glossary C. Enterprise Data Standards D. Enterprise Data Flows E. Enterprise Data Model.
198. Which Enterprise Architecture Domain establishes the requirements for the other domains? A.
Enterprise Business Architecture B. Enterprise Data Architecture C. Enterprise Applications Architecture
D. Enterprise Technology Architecture E. Enterprise Solutions Architecture.

199. What does TOGAF stand for? A. To Govern Architecture Framework B. The Official Generic
Architecture Framework C. The Organsed General Architecture Framework D. The Open Group
Architecture Framework E. Technology Operations Governance Architecture Framework.

200. Which of the following uses for a Data Mining tool is not optimal? A. Analyze supermarket scanner
data to determine when people are most likely to shop and buy certain products B. Fraud Detection C.
Identification of data quality issues with your SAP Financial system D. Predictive Analysis E. Customer
Segmentation and Scoring.

201. Which of the following is not a good example of BI? A. Strategic Analytics for Business Decisions B.
Decision Support Systems C. Supporting Risk Management Decision Reporting D. Statutory reporting to a
Regulatory Body E. Trend Analysis.

202. Analytic Applications provide business with a pre-built solution to optimize a functional area or
industry vertical A. True B. False.

203. When performing an evaluation of analytic applications, which of the following questions is least
relevant to identify the level of effort needed?
A. How much of the tool infrastructure meets our organizational infrastructure B. The Standard source
systems for which ETL is supplied C. Number of source systems we need to integrate into the tool D.
How much do the canned processes in the tool match our business E. Annual costs such as license,
maintenance, etc. .

204. You need to discover possible relationships or to show data patterns in an exploratory fashion
when you do not necessarily have a specific question to ask. What kind of data tool would you use to
identify patterns of data using various algorithms? A. ETL Jobs B. Data Quality Profiler C. Meta-Data Data
Lineage View D. Data Mining E. Data Visualization Application.

205. "Slice", "Dice", "Roll-up" and "Pivot" are terms used in what kind of data processing? A. OLAP B.
OLTP C. ODS D. EDI E. EIEIO.

206. A comparatively new architectural approach is where volatile data is provisioned in a data
warehouse structure to provide transactional systems with a combination of historical and near real
time data to meet customer needs. This is a definition of: A. Operational Data Store B. Behavioural
Decision Support Systems C. Active Data Warehousing D. On Line Transactional Processing System E. On
Line Analytical Processing Cube.
207. Big data is often defined by three characteristics. They are:
A. Volume, Variety, and Velocity
B. Complexity, Compliance and Completeness
C. Size, Speed, and Sensitivity
D. Direction, Depth and Details
E. Expansive, Engaged and Enormous.
208. Big data management requires: A. less discipline than relational data management B. more
discipline than relational data management C. no discipline at all D. a certification in data science E. big
ideas with big budgets.

209. A 'Data Lake' is an environment where a vast amount of data can be: A. updated, obfuscated,
nullfied and cleansed B. digested, processed, deletedand visualised C. ingested, screened, obfuscated
and purged D. purged, sorted, split and scanned E. ingested, shared, assesed and analysed.

210. A 'Data Swamp' is a data lake that has become:

A. messy, unclean and inconsistent
B. modelled, managed and muddy
C. suitable for frogs, toads and salamanders
D. overly catalogued, holding information and data
E. a data asset that uses machine learning.

211. Which of the following is a typical metric in data warehouse/BI projects? A. Number of differente
metadata used B. Number of fact tables connected C. Number of concurrent users connected to the
data warehouse D. Number of indexes used in the fact table E. Number of snowflake dimensions used in
the projects.

212. Which of the following is NOT an activity that would enable business acceptance and user
satisfaction? A. Ensuring perceptions of the quality of the data in the BI system are managed B.
Understanding the data and defining the operations team’s responsiveness to identified issues C.
Promoting scheduled meetings with user representatives D. Defining different types of reporting tools to
be used for future business needs E. Furnishing and end-to-end verifiable data lineage.

213. A data lineage tool enables a user to? A. Track the data from the source system to a target
database, understanding its transformations B. Line up the data to support sophisticated glossary
management C. Track the historical changes to a data value D. Visualize how the data gets to the data
lake E. Enables rapid development of dashboard reporting.
214. One of the difficulties when integrating multiple source systems is? A. Completing the Data
Architecture on time for the first release B. Maintaining documentation describing the data warehouse
operation C. Having a Data Quality rule applicable to al source systems D. Determining valid links or
equivalences between data elements E. Modifying the source systems to align to the enterprise data
model.
215. During the implementation of a data warehouse, a roadmap is used to? A. Demonstrate progress
towards the desired end state B. Demonstrate alignment to the project plan C. Articulate user
requirements D. Articulate Data Quality checkpoints E. Construct intricate security authorization.

216. What factors should you consider when choosing data warehouse tools? A. Build vs. buy vs. rent B.
Current and future requirements C. Current and future costs D. Professional service offerings E. All of
the above.

217. The data dictionary describes?

A. Mainly extract, transform, and access processes
B. Mainly data in business terms directly from the logical model
C. Mainly source, target, and transformation rules
D. Mainly availability and integrity quality rules
E. Mainly data in XML, JSON, and text forms.

218. OLAP, conceptually illustrates as a?

A. Relational table
B. Hierarchical structure
C. Multi-columnar structure
D. Cube
E. Recursive structure.

219. Which approach is considered most effective when supporting multi-dimensional business report
requests? A. OLTP B. ODS C. OLAP D. EDI E. BI.

220. One of the key differences between operational systems and data warehouses is? A. Operational
systems focus on historical data; data warehouses contain current data B. Operational systems focus on
current data; data warehouses contain historical data C. Operational systems focus on business
processes; data a thewarehouses focus on business strategies D. Operational systems are available 24x7;
data warehouses are available during business hours E. Operational systems focus on Data Quality; data
warehouses focus on data security.
222. Critical to the incremental development of the data warehouse is? A. A strong incident
management process B. A strong release management process C. A strong capacity management
process D. An agile development team E. The assurance to include velocity, variety, and veracity
measurements.

223. A data integration approach that updates a data warehouse with small changes from operational
systems is called? A. ETL B. ELT C. EII D.SOA E. CDC.

224. Which of these is a common OLAP operation? A. Slice and dice B. Pivot C. Drill up and drill down D.
Roll up E. All of the above.

225. The main part of a data vault that houses and integrates data from various source systems is
referred to as? A. Metrics mart B. Business data vault C. Information mart D. Persistent staging area E.
Raw data vault.

226. Which users in an organization are more likely to be the recipients of business performance
management reporting? A. Operations B. Data scientists C. BI team members D. IT team E. Executives.
227. To answer questions like “What does this report mean?” or “What does this metric mean?”, the
data warehouse/BI team should focus on? A. Data lineage B. Conceptual data model C. Predictive and
prescriptive analytics D. Data Quality applications E. End-to-end metadata.

228. In its broadest context, the data warehouse includes: A. Either an Inmon or Kimball approach B. All
the data in the enterprise C. Any data stores or extracts used to support the delivery for BI purposes D.
An integrated data store, ETL logic, and extensive data cleansing routines E. Data stores and extracts
that can be transformed into star schemas.
229. What are relationship labels?
A. The verb phrases describing the business rules in each direction between two entities
B. The nullability setting on a foreign key
C. A foreign key that has been role-named
D. A relationship without cardinality
E. A non-identifying relationship.

230. Which of these statements has the most meaningful relationship label? A. An order line contains
orders B. An order is associated with order lines C. An order is related to order lines D. An order is
connected with order lines E. An order is composed of order lines.

231. Dimension tables: A. Are the same as Facts B. Have few columns but many rows C. Have many
columns but few rows D. Do not contain hierarchies E. Contain measures.
232. All of the following are TRUE statements on relationship types except: A. A recursive relationship
relates instances of an entity to other instances of the same entity B. A one-to-many relationship says
that a parent entity may have one or more child entities C. A one-to-many relationship says that a child
entity may have one or more parent entities D. A many-to-many relationship says that an instance of
each entity may be associated with many instances of the other entity, and vice versa E. A one-to-one
relationship says that a parent entity may have one and only one child entity.

233. Critical to the success of the data warehouse is the ability to explain the data. The DMBoK
knowledge area that practices these techniques is: A. Data Architecture B. Reference and Master Data C.
Metadata Management D. Document & Content Management E. Data Storage and Operations.

234. In Dimensional data models, which of these is NOT true regarding Measures? A. Measures are
found in Fact tables B. Measures can always be added across all dimensions C. Measures should be
numeric and additive D. Care must be taken if a measure is a snapshot figure E. Just because a value is
numerical does not mean it is a measure.
234. What is the difference between cardinality rules and data integrity rules?
A. Cardinality rules define the quantity of each entity instance that can participate in a relationship
between two entities, and referential integrity rules ensure valid values
B. Referential integrity rules only appear on a relational data model, and cardinality rules only appear on
a dimensional data model
C. There is no difference. Cardinality rules and Referential integrity rules are synonyms
D. Referential integrity rules quantify the relationships between two or more entities, and cardinality
rules quantify the common attributes across entities
E. Referential integrity rules define the quantity of each entity instance that can participate in a
relationship between two entities, and cardinality rules ensure valid values.
235. What are relationship labels? A. The nullability setting on a foreign key B. A foreign key that has
been role-namedmodel C. A non-identifying relationship D. A relationship without cardinality E. The verb
phrases describing the business rules in each direction between two entities.

236. In a non-identifying relationship: A. The primary key of the child entity is concatenated B. The
foreign key of the parent entity migrates to the child entity C. The primary key of the parent entity
becomes part of the primary key of the child entity D. The primary key of the parent entity becomes a
foreign key in the child entityF151 E. The primary key of the child entity is removed.

237. Which of these is NOT a type of key found in a data model?

A. Foreign Key
B. Primary Key
C. Surrogate Key
D. Alternate Key
E. Local Key.

238. In the conceptual data model an instantiation of a particular business entity is described as:
A. Dataset
B. Record
C. Rule
D. Row
E. Entity occurrence.

239. In a recursive relationship: A. All of the above B. The relationship could be an identifying
relationship C. The relationship could be mandatory at either end D. None of these, recursive
relationships are not allowed in Data Models E. The foreign key must have a role name to avoid attribute
duplication.
240. The highest level of these data model types is the: A. Dimensional model B. Physical model C.
Logical model D. Conceptual model E. Database model.

241. Components of logical data models include: A. Keys B. Relationships C. Entities D. All of the above E.
Attributes.

242. How is a relationship represented in a relational database? A. Primary keys B. Links C. Edges D.
Surrogate keys E. Foreign keys.

243. The Conceptual Data Model documents A. The iterative process of eliciting requirements B. The
process of building a new application. C. The technical solution D. The scope and key terminology of the
application. E. The business solution.
244. What is an associative entity used for? A. To describe a many-to-many relationship B. To document
an association within the model. C. To enforce referential integrity. D. To enforce cardinality. E. To
strengthen relationships as the relationships around it are usually strong.
245. After all the effort of normalising a logical data model, why is the physical data model sometimes
denormalised?
A. Denormalised tables are easier to create.
B. Denormalisation improves performance.
C. Denormalised databases are less costly to maintain.
D. It is unclear, as denormalisation increases data redundancy
E. Denormalisation makes the physical data easier to load.
246. A heirarchical relationship involving only one entity may be described as A. A one-to-many
recursive relationship B. A many-to-many recursive relationship C. A many-to-many self referencing
relationship D. A solitary parent-child relationship E. A relationship where a child entity may have more
than one parent.
247. A type of model where ternary relationships exist is A. Dimensional modelling B. Object-oriented
modelling C. Hierarchical modelling D. Fact-based Modelling E. Time-based modelling.

248. A property that identifies, describes or measures an entity is called: A. A relationship B. A fact C. An
attribute D. A domain E. A data type.

249. What do we call an entity whose primary key contains an attribute from another entity? A.
Independent Entity B. Dependent Entity C. Non-identifying Entity D. Identifying Entity E. Child Entity.

250. The Cardinality symbol on the relationship between Student and Course has a zero on the Course
side. This means that A. This is an error because a student cannot register for no courses. B. A course
exists without students to take it C. A particular instance of course is not required in the relationship D.
This is an error because the course must exist E. A student must not take a course.

251. Which modelling scheme is based on set theory? A. Object-oriented B. Dimensional C. NoSQL D.
Relational E. Fact-based.
252. What is the difference between the relationship lines on relational and dimensional models A.
Relational models they can be horizontal and vertical, whereas dimensional model have only vertical
lines. B. In relational models the lines are mandatory, but they are optional in dimensional models. C. In
relational models the lines are identifying relationships, but they are only navigation paths in
Dimensional models. D. Relational models can have dotted lines, but dimensional models only have soild
lines. E. Relational models the lines represent business rules and dimensional they capture navigation
paths to answer business questions.

253. An Entity in a data model may become a table in the database. We can refer to a row in that table
as an A. Entity Occurrence B. Entity Attribute C. Entity Instance D. Entity Dimension E. Entity Scheme.
254. A relationship captures the high-level interactions between conceptual entities, the detailed
interactions between logical entities and the _____________ between physical entities. A. Aliases B.
Separation C. Cardinalities D. Low-level Interactions E. Constraints. 255. In Dimensional Models a
relationship is usually called a A. Link B. Measure C. Reference D. Constraint E. Navigation path.

256. A Relationship which is read as "Each Student may attend one or many courses" implies that A. It is
not mandatory that Students take multiple courses but have to attend one B. It is required that each
Student attends at least one course. C. This relationship does not make sense D. Multiple Students must
take multiple courses E. Students are not required to take courses.

257. A recursive relationship is also known as a A. Binary Relationship B. Virtual Relationship C. Alias
Relationship D. Ternary Relationship E. Unary Relationship.
258. The difference between cardinality and arity is A. They are the same concept. B. Cardinality must be
determined before arity. C. Cardinality captures how many entites particpate in the relationship, and
arity captures how many entity instances participate in the relationship. D. Cardinality determines the
number of entity instances participating and arity clarifies them. E. Cardinality captures how many entity
instances particpate in the relationship, and arity captures how many entites participate in the
relationship.

259. An alternate key is used to A. Give business understanding of keys B. take the place of the primary
key C. describe the business rules D. ensures uniqueness of attributes E. enforce relationships.

260. Which model scheme works best for enforcing business rules in operational systems? A.
Dimensional B. Fact-based C. Object-oriented D. Relational E. NoSQL.
261. Relationship labels are what type of word? A. Plural B. Article C. Verb D. Noun E. Adverb.
262. What is the most basic level of Normalisation? A. 5NF B. 1NF C. 2NF D. 3NF E. Boyce/Codd NF.
263. What does NOT NULL mean? A. The attribute must be populated, and null values are not allowed B.
Null values are allowed C. A dimension table must be present. D. The data type of the attribute is not
numeric. E. The attribute must be populated with positive numbers.

264. The following statement is an example of what type of data rule: "A company can have many
employees"? A. Multiplication B. Completeness C. Consistency D. Cardinality E. Arity.

265. Functions, triggers and stored procedures are part of which data model? A. Conceptual B. Logical C.
Canonical D. Enterprise E. Physical.
266. What is the difference between entities and attrbutes?
A. and attribute is the same as an entity instance
B. An entity may have domains but attributes do not
C. Entities are nouns and attributes are verbs
D. Entities contain attributes, which identify, describe or measure the entity.
E. An entity is a property that identifies, describes or measures an attribute.
267. What does an attribute become in a database? A. A row B. A table C. An index D. A trigger E. A
column.

268. What are indexes used for? A. To prevent Table scans B. To prevent a the table being a heap C. To
optimise query performance D. To prevent the DBMS reading every row E. All the above.

269. What does DDL stand for? A. Defined Data Lineage B. Data Directed Lifecycle C. Data Definition
Language D. Define Data Language E. Direct Data Lineage.
270. What type of relationship relates an entity to itself? A. A recursive relationship B. A unary
relationship C. A self-referencing relationship D. A unary recursive relationship E. All the above.
271. What does SQL stand for? A. A view B. Structured Query Language C. Structured Question Language
D. Systematic Quiz Lnguage E. Structured Quiz language.

272. What is the graphical representation of an object-oriented design called?

A. UML
B. Java
C. Delphi
D. C++
E. Option 5.

273. According to the DMBOK, what is the basic goal of normalisation? A. To show the skill of the
modeller B. To accommodate multiple representations of the data C. To simplify a compex business D.
Data model complexity E. To keep each data element in only one place.

274. What is a foreign key? A. A key defined in a foreign language B. A key foreign to the model C. The
primary key of a child entity, found in a parent entity to enforce a relationship D. Used in the body of an
an associative entity to identify an instance of that entity E. A key used in logical and physical data
modelling to represent a relationship.

275. What is the term used when normalisation rules are selectively and justifiably violated? A.
Nonormalisation B. Anti-normalisation C. Denormalisation D. Unnormalisation E. Snowflaking.

276. What data modelling notation uses "crows feet" to depict cardinality? A. IDEFIX B. Barker C. Chen
D. UML E. IE or Information Engineering.
277. What type of relationship does the employee entity have with itself? A. Recursive relationshipACC
B. Binary relationship C. Ternary relationship D. Dimensional relationship E. One-to-one relationship.
278. What is the complete set of all possible values for an attribute called? A. Impossible to model B. A
domain C. A range D. A list E. A mapping.

279. Who takes primary responsibility for the detailed physical database design? A. Data Governance B.
Data Architecture C. Data stewards D. DBA (Database Administrator) E. CDO.

280. Name the 3 relationship types found in a data model? A. Hierarchical, Relational, NoSQL B. Unary,
Binary, Ternary C. Cell, Row, Table D. Conceptual, Logical, Physical E. One-to-one, one-to-many, many-
to-many.
281. Which type of normal form depends on "the key, the whole key, and nothing but the key"? A. 3NF
(Third Normal Form) B. 1NF (First Normal Form) C. 2NF (Second Normal Form) D. 4NF (Forth Normal
Form) E. 5NF (Fifth Normal Form).

282. In a one-to-one relationship, how many children can a parent have? A. Only one B. Any number C. It
depends D. It is difficult to calculate E. None.

283. For what kind of applications is a denormalised design best? A. None B. Analytical Applications C.
Operational applications D. NoSQL applications E. Object oriented applications.

284. One of the goals of the Data Storage and Operations knowledge area is A. To drive data
management technology B. To provide data securely, with regulatory compliance, in the format and
timeframe needed. C. To ensure the integrity of data assets D. To identify data storage and processing
requirements E. To ensure ROI on data technology assets.

285. What is the DBA called who collaborates with data analysts, modellers and architects? A.
Production DBA B. DevOps DBA C. Development DBA D. Procedural DBA E. Application DBA.

286. What type of database architecture may be used for distributed integration projects such as Master
data Management? A. ACID B. Federated C. Blockchain D. BASE E. Distributed.

287. A cloud computing service where users purchase a virtual machine instance for a period of time
and upload their database to run on it. A. Database in the Cloud B. Managed database hosting C.
Database-as-a-Service D. Virtual machine image E. Azure.

288. The acronym ACID stands for: A. Atomicity, Consistency, Independence, Dominance B. Additive,
CAP, Independence, Database C. Atomicity, Cardinality, Instance, Durability D. Arity, Cardinality,
Instance, Development E. Atomicity, Consistency, Isolation, Durability.

290. "Once complete, the transaction cannot be undone." describes which characteristic of ACID
processing?
A. Durability
B. Dominance
C. Consistency
D. Dependency
E. Atomicity.
291. A type of database designed to reduce disk I/O by using pointers to enable compression where data
values are repeated to a great extent. A. In-memory databases B. Row-oriented C. Key-value stores D.
Document databases E. Column-oriented.

292. What type of testing is used to test a system's functionality against the requirements? A. User
Acceptance Testing B. Validation Testing C. Quality Assurance Testing D. Performance Testing E.
Integration Testing.
293 "Schema on write" means A. In order to write data, the structure has to be known in advance. B.
The data unstructured until it is written. C. In order to write data we must turn the schema setting on. D.
The database structure becomes clear when the data is written. E. We are dealing with a NoSQL
database.
294. A type of database used for taxonomy and thesaurus management and knowledge portals. A.
Spatial B. Object/Multimedia C. Relational D. Column-oriented E. Triplestore.

295. The process of moving data off immediately accessible media onto media with lower retrieval
performance. A. Creating back-ups B. Replication C. Sharding D. Archiving E. Purging.

296. What type of database replication involves a two-phase commit process? A. CDC B. Passive C. Log-
shipping D. Vertical E. Mirroring.

297. It is important that enterprise naming standards are applied to the physical data model for
consistency. The Metadata semantics standard recommended is A. ISO/IEC 11179 B. ISO 15489 C. ISO
9001 D. ANSI 859 E. ISO 8000.

298. In Data Storage and Operations the term "Instance" refers to: A. A server in distributed database. B.
A single database. C. A single row on a database table D. Any database object, such as table, stored
procedure or user defined function. E. An execution of database software controlling access to a certain
area of storage.

299. In Data Storage and Operations the term "Schema" refers to: A. A subset of database objects
contained within a database. B. A group of databases with something in common C. An execution of
database software controlling access to a certain area of storage. D. The type of data model on which
the database was built. E. The Star Schema in a data mart.

230. A type of database architecture in which the database management software copies data among
servers to deliver a highly available service on a cluster of computers. A. Blockchain B. Federated C.
Autonomous D. Centralised E. Distributed.

301. A type of database processing dominant in transcation processing using SQL is: A. ACID B.
Centralised C. Distributed D. MPP-Shared Nothing E. BASE.
302. The CAP theorem states that the larger a distributed system is, the lower the compliance to ACID.
An application of this theorem is: A. Predictive analytics B. the data lake C. Prescriptive analytics D.
Operational systems E. Services-based Architecture.

303. The database environment which is a slimmer version of the live environment, used to create and
test code and new patches before deployment. A. Experimental B. Development C. Production D.
Sandbox E. Test.
304. A type of database organisation based on set theory, and using set operations. A. Spatial B.
Relational C. Heirarchical D. Triplestore E. NoSQL.
304. A type of database processing dominant in transcation processing using SQL is A. ACID B.
Centralised C.Distributed D. MPP-Shared Nothing E. BASE.

305. The possibility of loss or the condition that poses a potential loss which must be calculated.
A. Risk
B. Security breach
C. Vulnerability
D. Exploit
E. Threat.

306. Data Security frameworks require all enterprise information to be categorised. What is essential to
achieve this goal? A. Proactive management B. Collaboration between Business and IT C.Stakeholder
engagement D. A strong security team E. Creating an Enterprise Data Model.

307. The process by which a user logging onto a system is recognised. A. Access B. Audit C.Authorisation
D. Decryption E. Authentication.

308. A process of translating plain text into complex codes where the sender and receiver have different
keys. A. Two-key encryption B. Public-key encryption C.Hash-key encryption D. Safe-key encryption E.
Private-key encryption.

309. A type of data masking which may reveal only the last four digits of a credit card number to a call
centre operator who uses that to verify the account number with a client. E.g **** **** **** 9013 A.
Dynamic data masking B. In-place persistent data masking C.Key masking D. Classic data masking E.
Randomised data masking.

310. An unsecured Internet but highly encrypted network connection that allows a user access to an
organisation's internal network. A. API B. CDC C.EDM D. USB E. VPN.
311. An industry data security standard which is used to classify information which can identify an
individual with a bank account. A. GDPR B. FI-DSS C.POPIA D. PCI-DSS E. Basel II.

312. What is the best solution to combat abuse of excessive privileges by a user.
A. Apply query level access control to restrict privileges to the minimum required SQL operations and
data
B. Continuous communication with the user's supervisor.
C. Constantly monitor user's machines
D. Always apply the principle of most privilege when granting access.
E. Only give excessive privileges to honest users.

313. An organisation's Data Security Policy is defined by a collaboration of IT, Security Architects, Data
Governance committees, Data Stewards, Audit and Legal. It is reviewed and approved by the Data
Governance Council. Who owns and maintains the policy?
A. The Board of Directors
B. The Data Management Steering Committee
C. The CEO
D. The Data Owners
E. The Data Management Executive (CDO).
314. Data Security policies and procedures ensure that: A. Data is always encrypted, and the right
people have the keys. B. The right people can use and update data in the right way, and that all
inapproriate access and update is restricted. C. it is difficult for anyone to access, update and use the
data. D. Hackers are identified before they access the data. E. Security officers guard the server rooms.

315. If you need to determine the organisation's data risks, begin by identifying and classifying sensitive
data. What is necessary to analyse in order to determine the touch points where that data may be
exposed? A. Target systems B. Government regulations C. Source systems D. Business processes E. User
groups.

316. Why does the DMBOK refer to security as an "asset"? A. It is important to recognise all the assets in
the enterprise, and data security is one B. Data security is a foundation activity. C. The data is tagged
with security classification and regulatory sensitivity Metadata, which travels with it as it flows through
the enterprise and ensures the level of protection. D. Everything about data is advantageous to the
organisation, and is therefore an asset. E. Security is expensive, but is recorded as an asset on the
balance sheet.

317. A successful data security programme is dependent on: A. Separation of responsibilities between
Information Security, IT, DBAs and business. B. strong rules and regulations. C. Collaboration between IT
security administrators, Data Governance and Legal. D. a silo-ed environment. E. the organisation being
at maturity level 5.
318. Computers with out-of-date security patches, web pages with weak passwords, and unprotected
corporate software which may allow SQL injection, are examples of A. Calculated risks B. Threats C. Poor
maintenance D. Malware E. Vulnerabilities.

319. A system which requires a user to enter his/her username and password as well as a PIN messaged
to the user's phone, is making use of
A. Electronic communication security
B. Two-factor identification
C. One-factor identification
D. Hardware enabled security
E. Three-factor identification.

320. Definition of Data Security Policies should be: A. A collaborative effort between Business and IT B.
Reviewed by external Regulators C. Conducted by external consultants D. Based on defined standards
and templates E. Determined by external Regulators.

321. What is the role of the Data Governance Council in defining an Information Security policy? A. The
Data Governance Council should define the Data Security Policy B. The Data Governance Council should
implement the Data Security Policy C. The Data Governance Council should draft early versions of the
Data Security Policy D. The Data Governance Council should have no role in Data Security E. The Data
Governance Council should review and approve the high-level Data Security Policy.

322. Which of these are characteristics of an effective data security policy? A. The defined procedures
ensure that the right people can use and update data in the right way, and that all inappropriate access
and update is restricted B. The policies are specific, measurable, achievable, realistic, and technology
aligned C. The procedures defined are benchmarked, supported by technology, framework based, and
peer reviewed D. None of these E. The defined procedures are tightly defined, with rigid and effective
enforcement sanctions, and alignment with technology capabilities.
323. A CRUD matrix helps organisations map responsibilities for data changes in the business process
work flow. CRUD stands for: A. Create, Read, Update, Delete B. Create, React, Utilise, Delegate C. Create,
Review, Use, Destroy D. Confidential, Restricted, Unclassified, Destroy E. Cost, Revenue, Uplift,
Depreciate.

324. A RACI matrix is a useful tool to support the ______ in an outsourced arrangement. A. Transfer of
access controls B. Separation of duties C. Alignment of Business goals D. Service level Agreement E.
Attributing Costs.
325. Stakeholders whose concerns must be addressed in data security management include: A. Clients,
Patients, Citizens, Suppliers, or Business Partners B. External Standards organisations, Regulators, or the
Media C. Media analysts, Internal Risk Management, Suppliers, or Regulators D. The Internal Audit and
Risk committees of the organisation E. All of these.

326. When outsourcing information management functions, organisations can: A. Reduce cost of
compliance and improve turnaround B. Align strategy and control privacy C. Improve controls while
reducing costs D. Transfer accountability but not control E. Transfer control but not accountability.

327. How does Data Security contribute to competitive advantage? A. Data Security makes it harder for
your competitors to find out about who you do business with B. Data Security makes your competitors
invest more effort into trying to find out your trade secrets C. Governments do not allow organisations
to trade if they do not manage Data Security D. Data Security helps to protect proprietary information
and intellectual property, as well as customer and partner information E. Data security stops
organisations going out of business due to an information leak.

328. The needs of data protection require us to ensure that: A. Data is secured with a password B. Data
can always be freely used in the company as it is a company asset C. Data is processed only in ways
compatible with the intended and communicated use it was collected for, and respects the consent of
the data subject D. Data is encrypted at all times E. Data is frequently backed up so that it can be
recovered in all cases.

329. Apart from security requirements internal to the organisation, what other strategic goals should a
Data Security Management system address? A. Regulatory requirements for privacy and confidentiality
AND Privacy and Confidentiality needs of all stakeholders B. Compliance with ISO27001 and HIPPA C.
Ensuring the organisation doesn't engage in SPAM marketing D. None of these E. Compliance with
ISO29100 and PCI-DSS.
330. Which of these statements best defines Data Security Management?
A. The definition of controls, technical standards, frameworks, and audit trail capabilities to identify who
has or has had access to information
B. The implementation and execution of checkpoints, checklists, controls, and technical mechanisms to
govern the access to information in an enterprise
C. The planning, development, and execution of security policies and procedures to provide proper
authentication, authorization, access, and auditing of data and information assets
D. None of these
E. The planning, implementation, and testing of security technologies, authentication mechanisms, and
other controls to prevent access to information.

331. Which of the following define the data security touch points in an organisation? A. Risk Assessment
B. Legislation C. Internal Audit D. Business rules and process workflow E. TIndustry standards.
332. Vulnerability is defined as:
A. a patch in a system that allows it to be successfully unpatched and compromised.
B. being highly data risk rated
C. a strength in a system that allows external stakeholders to view data records.
D. a weakness or defect in a system that allows it to be successfully attacked and compromised.
333. A data governance strategy defines the scope and approach to governance efforts. Deliverables
include: A. Charter B. Operating framework and accountabilities C. Implementation roadmap D. Plan for
operational success E. All of the above F. None of the above.

334. SLA Stands for:

A. Service Level Agreement
B. System Lifecycle Audit
C. System Latitude Audit
D. Service Lifecycle Audit.

335. An input in the Metadata management context diagram does not include: A. Business requirements
B. Business metadata C. Technical metadata D. Metadata standards E. Process Metadata.

336. Some ways to measure value of data include: A. Replacement cost B. Market value C. Selling Data
D. Risk cost E. Identified opportunities F. All of the above.

337. What model is the highest level model within the enterprise data model? A. Logical model B.
Physical model C. Conceptual model D. Subject Area model.

338. Please select correct term for the following sentence: An organization shall assign a senior
executive to appropriate individuals, adopt policies and processes to guide staff and ensure program
audibility. A. Principle of integrity B. Principle of availability C. Principle of retention D. Principle of
accountability.

339. The deliverables in the data architecture context diagram include: A. Data flows B. Enterprise data
C. Implementation roadmap D. Data Value Chains E. None of the above F. All of the above.
340. Which Knowledge Areas are dependent on Data Integration and Interoperability being in place?
A. Metadata, Data Warehousing and BI
B. Data Architecture, Reference and Master Data
C. Data Warehousing and BI, Reference and Master Data
D. Data Governance, Data Warehousing and BI
E. Data Storage and Operations, Data Warehousing and BI.

341. The process of loading raw data into a data lake where it can be useful to many processes is called
A. ETL
B. ELT
C. OLTP
D. CDC
E. OLAP.

342. A synonym for Transformation is a

A. Visualisation
B. Set of rules
C. Calculation
D. Mapping
E. Process.

343. Latency is the time difference between when data is generated in the source system, and when it is
available for use in the target system. If no time delay is acceptable, and the source and target must be
in synch, then we say latency is A. Unaccptable B. Low C. Asynchronous D. Batch E. High.
344. The common model used by an organisation to standardise the format in which data must be
shared resides in the hub of a hub-and-spoke design.
A. Standard data model
B. Common data model
C. Canonical data model
D. Generic data model
E. Universal data model.
345. What is the process called which monitors a data set for inserts, updates and deletes, and then
passes these deltas on to other data consumers. A. ELT B. ETL C. Log shipping D. Replication E. CDC.

346. The process of combining data from multiple sources to identify meaningful events or predict
behaviour and automatically trigger a real-time response is A. DaaS B. Complex Event Processing C. Data
Mashups D. EAI E. Data Science.
347. Important information uncovered during data integration about how data is acquired, flows, is
changed and used by the organisation, is called ___________ and must be documented. A. Data
Lifecycle B. Data Stream C. Data Flows D. Data Value Chain E. Data Lineage.

348. Which interaction model is used by the vast majority of systems which share data? They pass data
directly to each other. A. Bus model B. Publish-subscribe model C. Point-to-point model D. Canonical
model E. Hub-and-spoke model.

349. What is the difference between a document and content? A. A document may be paper whereas
content is always electronic. B. A document has a lifecycle and can become an official record, content
can not. C. A content contains a document, data and information. D. A document is the container for
content, which is the data and information inside the file. E. There is no difference.

350. A naming structure containing a controlled vocabulary used for outlining topics and enabling
navigation and source systems is called a A. Ontology B. Glossary C. Thesaurus D. Micro-controlled
vocabulary E. Taxonomy.

351. What is the difference between a thesaurus and an ontology?

A. A thesaurus is developed using OWL and an ontology contains synonyms and definitions.
B. There is no difference, they are essentially the same thing.
C. A thesaurus provides data content classifications and a ontology is a mixed data model.
D. A thesaurus is used for content retrieval and an ontology represents a set of concepts and their
relationships.
E. A thesaurus represents a set of concepts and their relationships and an ontology is used for content
retrieval.
352. One of the goals of Document and Content management is A. To integrate all unstructured
information with all structured information. B. To enforce legal requirements regarding Records
management. C. To comply with legal obligations and customer expectations regarding Records
management. D. To integrate only Records with structured information E. To communicate legal
obligations and customer expectations regarding Records management.
352. What is the process of finding electronic records that might serve as evidence in legal action
called? A. e-preservation B. e-discovery C. e-retention D. e-response E. e-litigation.
354. ARMA International published GARP in 2009. GARP stands for A. Generic Acceptable Recordkeeping
Procedures B. Generally Accepted Recordkeeping Procedures C. Generally Accounted Recordkeeping
Practices D. Generally Acceptable Recordkeeping Principles E. Generaly Audited Recording Principles.
355. In ARMA's GARP, which principle states that the organisation shall assign a senior executive to
appropriate individuals, adopt policies and processes to guide staff, and ensure program auditability? A.
Principle of Integrity B. Principle of Protection C. Principle of Compliance D. Principle of Transparency E.
Principle of Accountability.
356. A type of content delivery system in which a news feed is delivered to news channels and providers
is called: A. Subscribe B. Publish C. Push D. Interactive E. Pull.

357. A controlled vocabulary is a defined list of explicitly allowed terms to index, categorise, tag, and
retrieve content through browsing and sorting. Controlled vocabularies may be thought of as A.
Reference data and Metadata B. Reference data C. Metadata D. Masterdata E. Reference data and
Masterdata.

358. OWL is a languages for developing A. Glossaries B. Heirarchies C. Ontologies D. Taxonomies E.

Dictionaries.

359. A good definition of Records could be A. Evidence that actions were taken and decisions made in
keeping with procedures. B. Paper objects that contain instructions for tasks, requirements for how and
when to perform a task and logs of tasks C. Documents that communicate and share information and
knowledge D. Unstructured data which needs to be managed properly. E. An old fashioned term for a
vinyl.

360. Which of the following are primary deliverables of proper document and record management? A.
Managed records in many media formats, e-discovery records, policies and procedures, contracts and
financial documents B. Spreadsheets, company library books, sales transactions C. Local drives of
laptops, transcripts of phone calls D. Relational databases, database logs, paper documents E. Data from
tracking devices, building sensor data.

361. A document management system is an application used to track and store electronic documents
and electronic images of paper documents which provides the following capabilities: A. Scanning and
transcoding of documents B. Local disk storage and indexing of documents C. Storage, versioning,
security, meta-data management, indexing and retrieval D. Securing forwarding of documents to
colleagues, never having to dispose of documents E. Wiki, collaboration, online editing.

362. Which of these describes activities in the document/record management lifecycle? A. Identification,
management of policies, classification, retention, storage, retrieval and circulation, preservation and
disposal B. Storage, disposal, managing access C. Acquisition, classification, storage, purging D.
Encryption, backup, disposal, extraction E. Acquisition, editing, storage, printing, backup, disposal.

363. An umbrella term for any classification or controlled vocabulary is:

A. Data model
B. Metadata
C. Dictionary
D. Taxonomy
E. English.

364. Non value-added information is often not removed because: A. Legislation is unclear on what
should be kept B. Data is an asset. It is likely to be recognized as valuable in the future C. We might need
the information at a later stage D. It should not be removed. All data is value-added E. The policies are
unclear of what is defined as non-value-added, storage is cheap so there is no cost driver, and it takes
more effort to dispose than to keep.

365. Documents and records should be classified based on the _______ level of confidentiality for
information found in the record. A. Average B. Overall C. Highest D. General.

366. Which statement best describes the relationship between documents and records? A. Documents
and records are the same thing B. Documents are written and records are audio C. Records are a sub-set
of documents D. Documents are a sub-set of records E. Documents and records are not related.

367. Which of the following is not a step in the 'document and content management lifecycle'? A. Create
a content strategy B. Manage versions and control C. Capture records and content D. Audit documents
and records E. Manage retention and disposal.

368. In 2009, ARMA International published GARP for managing records and information. GARP stands
for: A. G20 Approved Recordkeeping Principles B. Generally Available Recordkeeping Practices C.
Gregarious Archive of Recordkeeping Processes D. Generally Acceptable Recordkeeping Principles E.
Global Accredited Recordkeeping Principles.

369. A goal of 'Document and Content Management' is to ensure effective and efficient retrieval and use
of: A. Information, but not data in unstructured formats B. Data and information in structured formats C.
Data and information in unstructured formats D. Data, but not information in unstructured formats E.
Data and information in relational formats.
370. When defining your business continuity plan, which of the following should one consider doing? A.
Make sure that the data is retained sufficiently long, check that critical data is encrypted, check access
rights B. Write a report and discuss with management the required budget C. Determine the risk,
probability and impact, check document backup frequency D. Have the contracts in place to acquire new
hardware in case of technical problems, define policies E. Consider written policies and procedures,
impact mitigating measures, required recovery time and acceptable amount of disruption, the criticality
of the documents.