The Open Group OG0-092 Exam - Topic 1 Question 29 Discussion

Actual exam question for The Open Group's OG0-092 exam

Question #: 29
Topic #: 1

Scenario: Raxlon Inc.

Case Study Title (Case Study):

Raxlon Inc. is a Fortune 500 Company dealing in high value drugs and pharma products. Its annual turnover is over 120 billion $. It has more than 100,000 employees all over the globe in its R&D, Manufacturing and Marketing Units.

Raxlon's CEO, Dr Peter Fowles, is a pharmacology expert and has over 72 patents on various types of drugs mainly used for treating patients with genetic disorders. Raxlon is now moving into a suite of high end critical drug products used for Genetic Repair of congenital Diseases like Alzhmeir's disease and Epilepsy. Rexlon has a well developed EA practice and in 2009 the EA practice has adopted TOGAF 9 as the primary Framework for Enterprise Architectural Change Agent.

Dr Fowles' main concerns are:

Security of the critical data which they have gained over the years after painstaking research. Although Rexlon had an adequate security system Dr Fowles feels it may not be adequate to deal with the new order of things, especially with data which is highly confidential and if leaked would have major financial impact on the Company.

Dr Fowles calls his CIO and explains his position to him and entrusts whim with the responsibly of evaluating the current security system, operation and governance and determine which are the gaps which need to be addressed during the fresh architectural work. Assume that a new Security Framework would be used in the ADM life cycle. To protect Rexlon's valuable IP.

The CIO apprises the Lead Architect of the sensitive nature of the work he has to complete within the next 2 months.

Identify which of the following processes would be most appropriate for the Lead Architect to adopt in this situation.

AIdentify the sources of threat, review the relevant security statutes, see how disaster recovery can be achieved, find who are the actors vis vis the system and design suitable access control mechanisms, identify critical data and applications and ensure that they are given the highest level of security

BFirst revisit the Preliminary Phase to determine the tailoring of ADM vis a vis Security. Identify any change in the Principles or additions to be carried out. Engage with all Stakeholders to finalize the Vision. Then in Business, Information systems and Technology Architectures ensure the Security Frame work adopted to the ADM addresses all critical security issues. Finally conduct an overall review to assess how effective the security ecosystem designed is and whether it meets the security level desired

CInvoke Preliminary Phase and Vision Phase Identify Sources of threat, review and determine revised regulatory, security and assumptions, document them get management buy in , develop business continuity plans especially for critical data operations, assure data, application and technological component security.

DDetermine who are the people who are hacking into similar organizations, ensure that highly secure measures are taken when external people enter the R&D and manufacturing locations, ensure that there is a very strong firewall so that people cannot get illicit entry into the system, periodically check the effectiveness of the security measures

Show Suggested Answer

Suggested Answer: A

by Maurine at May 05, 2022, 12:29 PM

Limited Time Offer

25%

5 months ago

I think deploying Amazon EFS makes the most sense here since it's built for sharing across multiple instances. But I'm not completely sure about the performance impact.

upvoted 0 times

...