






































Preparation focused on integrating security into DevOps workflows, secure coding, automated security testing, compliance, and risk reduction.
Typology: Exams







































Question 1. Which communication technique most effectively reinforces a learner’s correct response during a live training session?
A) Repeating the learner’s answer verbatim
B) Providing a brief, specific praise that references the correct concept
C) Asking the learner to elaborate for a longer period
D) Switching immediately to the next topic
Answer: B
Explanation: Specific praise that links the learner’s answer to the underlying concept reinforces correct behavior and promotes retention.

Question 2. In active listening, which behavior indicates that the listener is truly understanding the speaker’s message?
A) Nodding continuously without processing the content
B) Paraphrasing the speaker’s main points in one’s own words
C) Maintaining eye contact while thinking about the next slide
D) Offering unsolicited advice immediately after the speaker finishes
Answer: B
Explanation: Paraphrasing demonstrates that the listener has processed and understood the speaker’s message.

Question 3. When adjusting language for an audience with low technical literacy, the trainer should:
A) Use industry jargon to challenge the audience
B) Replace technical terms with everyday analogies
C) Speak faster to cover more material
D) Provide a glossary after the session only
Answer: B
Explanation: Everyday analogies make complex concepts relatable without overwhelming learners.

Question 4. Which facilitation method is most appropriate for building consensus among senior stakeholders with differing opinions?
A) Open brainstorming without any structure
B) Nominal Group Technique (NGT) to prioritize ideas anonymously
C) Lecture-style presentation of the trainer’s preferred solution
D) Ignoring dissenting views to maintain time constraints
Answer: B
Explanation: NGT allows participants to generate ideas independently and rank them, reducing bias and fostering consensus.

Question 5. In managing disruptive participant behavior, the trainer’s first step should be:
A) Publicly reprimand the individual
B) Ignore the behavior and continue the session
C) Quietly address the issue privately after the session
D) Use a calm, non-confrontational statement to redirect focus
Answer: D
Explanation: A calm redirection de-escalates the situation while maintaining the learning environment.

Question 6. Which technology is best suited for delivering micro-learning modules to field technicians with limited internet connectivity?
A) High-definition video streaming platform
B) Interactive PDF files distributed via USB drives
C) Cloud-based LMS requiring constant online access
D) Virtual reality simulation requiring heavy bandwidth
Answer: B
Explanation: Interactive PDFs can be accessed offline and are lightweight, ideal for low-bandwidth environments.

Question 7. When selecting hardware for a classroom training environment, the most critical factor is:
A) The brand reputation of the equipment
B) Compatibility with the training software and learner devices
C) Having the newest model regardless of cost
D) Aesthetic design matching the room décor
Answer: B

Question 11. Which technique is most effective for conducting a task analysis for a new software application?
A) Observing a senior manager use the software
B) Reviewing the software’s user manual only
C) Interviewing end-users while they perform the tasks and documenting each step
D) Guessing the steps based on similar applications
Answer: C
Explanation: Direct observation and user interviews capture real-world task steps and nuances.

Question 12. In stakeholder requirements gathering, the trainer should first:
A) Draft a training plan based on personal assumptions
B) Identify the organization’s culture and values to align training objectives
C) Purchase the most expensive training tools available
D) Schedule the training before understanding stakeholder goals
Answer: B
Explanation: Understanding culture and values ensures training aligns with stakeholder expectations.

Question 13. Which regulatory requirement is most likely to mandate a specific training content for a financial services firm?
A) ISO 9001 quality management standards
B) PCI DSS data security standards
C) OSHA workplace safety regulations
D) GDPR data protection obligations
Answer: D
Explanation: GDPR requires training on data protection and privacy for employees handling personal data.

Question 14. In the ADDIE model, the “Design” phase primarily focuses on:
A) Conducting a needs assessment and gap analysis
B) Developing detailed instructional strategies, media, and assessments
C) Delivering the training to learners
D) Evaluating the effectiveness of the training after delivery
Answer: B
Explanation: Design translates analysis outcomes into specific instructional plans, media, and assessments.

Question 15. The Successive Approximation Model (SAM) differs from ADDIE because it:
A) Requires a linear, phase-by-phase approach
B) Emphasizes rapid prototyping and iterative feedback cycles
C) Does not include an evaluation component
D) Is only applicable to e-learning development
Answer: B
Explanation: SAM’s iterative cycles allow early testing and refinement, unlike ADDIE’s linear structure.

Question 16. Which principle of adult learning (andragogy) emphasizes that adults need to see the relevance of what they are learning?
A) Readiness to learn
B) Self-concept
C) Motivation
D) Orientation to learning
Answer: A
Explanation: Adults are motivated to learn when the content is immediately applicable to their work or life.

Question 17. According to Bloom’s Taxonomy, which level requires the learner to “apply” knowledge to a new situation?
A) Remembering
B) Understanding
C) Applying
D) Analyzing
Answer: C

Question 21. A lesson plan component that outlines the exact time allocated for each activity is known as:
A) Learning objective
B) Sequence of events
C) Time budget
D) Transition cue
Answer: C
Explanation: The time budget specifies how long each segment of the lesson will last.

Question 22. When creating an instructor guide, the most critical piece of information is:
A) The instructor’s personal anecdotes
B) Detailed step-by-step instructions for delivering each activity, including prompts and timing
C) The color scheme of the presentation slides
D) A list of optional jokes to lighten the mood
Answer: B
Explanation: Detailed instructions ensure consistency and fidelity across different instructors.

Question 23. In content validation, which criterion ensures that the training material is accurate and up-to-date?
A) Visual appeal of the slides
B) Review and sign-off by subject matter experts (SMEs) with current industry experience
C) Length of the document
D) Number of references cited
Answer: B
Explanation: SME review guarantees technical accuracy and relevance.

Question 24. Pilot testing a new course should be conducted with:
A) The entire target audience to collect maximum data
B) A representative sample of learners that mirrors the diversity of the full audience
C) Only senior management to gain executive approval
D) No participants; the pilot is a “desk-check” only
Answer: B
Explanation: A representative sample provides realistic feedback while being manageable.

Question 25. Which record-keeping practice is essential for compliance with many industry training regulations?
A) Storing only the final version of the training material
B) Maintaining individual learner attendance logs, assessment results, and certification dates
C) Archiving all email communications between trainer and learners
D) Keeping a handwritten note of each trainer’s personal reflections
Answer: B
Explanation: Detailed learner records demonstrate compliance with training and certification requirements.

Question 26. When selecting a training site, which environmental factor most directly impacts learner concentration?
A) Proximity to a cafeteria
B) Lighting level and glare control
C) Number of parking spaces available
D) Exterior paint color of the building
Answer: B
Explanation: Proper lighting reduces eye strain and distractions, supporting concentration.

Question 27. An emergency evacuation plan for a training facility should be communicated to participants:
A) Only if an incident occurs during the session
B) At the beginning of the session, with clear signage and a brief walkthrough
C) In an email after the training concludes

Question 31. A performance-based assessment in a DevSecOps course would most likely involve:
A) Multiple-choice questions about security terminology
B) A hands-on lab where learners integrate a static code analysis tool into a CI pipeline
C) An essay describing the benefits of DevSecOps
D) A true/false quiz on compliance regulations
Answer: B
Explanation: Performance-based assessments require learners to demonstrate a skill in a realistic setting.

Question 32. Setting a passing score of 70% for a certification exam is an example of establishing:
A) A formative assessment criterion
B) A grading curve
C) A standard of performance
D) An item-analysis metric
Answer: C
Explanation: The passing score defines the minimum performance level required for certification.

Question 33. In evaluating trainee mastery, which method best aligns with the “behavior” level of Kirkpatrick’s model?
A) Post-course satisfaction survey
B) Pre- and post-test score comparison
C) Observation of learners applying new security practices on the job after training
D) Calculation of training ROI based on reduced incidents
Answer: C
Explanation: Level 3 (Behavior) measures on-the-job changes resulting from the training.

Question 34. Which data-analysis technique is most appropriate for identifying trends in post-training survey responses?
A) Regression analysis of test scores
B) Thematic coding of open-ended comments followed by frequency counts
C) Calculating average attendance per session
D) Conducting a SWOT analysis of the training program
Answer: B
Explanation: Thematic coding quantifies qualitative feedback, revealing common trends.

Question 35. Continuous improvement cycles in training programs are best described by which model?
A) Waterfall model
B) PDCA (Plan-Do-Check-Act) cycle
C) Six Sigma DMAIC without iteration
D) Linear instructional design
Answer: B
Explanation: PDCA promotes iterative refinement based on evaluation data.

Question 36. Which verbal cue most effectively signals to a learner that their question is being heard and will be addressed?
A) “Let’s move on.”
B) “I’m not sure about that.”
C) “That’s a great question; let me clarify.”
D) “We’ll get to that later.”
Answer: C
Explanation: Acknowledging the question validates the learner and sets expectation for an answer.

Question 37. Non-verbal communication that can enhance learner engagement includes:
A) Standing with arms crossed behind the back
B) Maintaining consistent eye contact and using purposeful gestures
C) Reading directly from notes without looking up
D) Using a monotone voice throughout the session

Question 41. Which factor is most important when determining the need for accommodations for learners with hearing impairments?
A) Providing larger font sizes on slides
B) Offering real-time captioning or sign-language interpretation during sessions
C) Using bright colors in visual materials
D) Scheduling sessions at earlier times of day
Answer: B
Explanation: Captioning or sign-language ensures that auditory information is accessible.

Question 42. A cultural analysis reveals that learners prefer indirect communication. The trainer should:
A) Use direct criticism to correct mistakes immediately
B) Frame feedback positively and use examples rather than blunt statements
C) Avoid any feedback to prevent discomfort
D) Deliver all content in written form only
Answer: B
Explanation: Indirect cultures respond better to positive framing and illustrative feedback.

Question 43. Conducting a job analysis for a new role should start with:
A) Reviewing the organization’s strategic plan
B) Interviewing incumbents and supervisors to list tasks, responsibilities, and required competencies
C) Analyzing salary data across the industry
D) Creating a generic competency model without input
Answer: B
Explanation: Direct input from current role holders yields an accurate task and competency list.

Question 44. Which stakeholder is most likely to influence the inclusion of compliance-related content in a training program?
A) The cafeteria manager
B) The internal audit or compliance department
C) The marketing team
D) The external vendor’s sales representative
Answer: B
Explanation: Compliance departments ensure training meets regulatory obligations.

Question 45. When verifying training needs against internal policy, the trainer should:
A) Assume the policy is outdated and ignore it
B) Map each learning objective to specific policy clauses to ensure coverage
C) Create new policies based on training content
D) Rely solely on industry standards, not internal documents
Answer: B
Explanation: Direct mapping guarantees that training fulfills policy requirements.

Question 46. In the SAM model, the “Iterative Design” phase primarily involves:
A) Finalizing the complete curriculum before testing
B) Building rapid prototypes, gathering feedback, and refining the design repeatedly
C) Conducting a single pilot test and then launching the full course
D) Skipping documentation to speed up development
Answer: B
Explanation: Iterative design emphasizes quick prototyping and continuous improvement.

Question 47. Agile training development differs from traditional models by:
A) Delivering the entire curriculum at once after a long development cycle
B) Using short sprints to create and release incremental learning modules, incorporating stakeholder feedback each sprint
C) Avoiding any testing until the final product is complete
D) Ignoring learner feedback during development
Answer: B

Question 51. When performing a cost-benefit analysis, the “direct cost” of a training program includes:
A) Lost productivity while employees attend the course
B) Salary of the trainer and fees for external consultants
C) Employee morale improvements post-training
D) Enhanced brand reputation
Answer: B
Explanation: Direct costs are explicit expenses such as trainer fees and materials.

Question 52. Which delivery method blends face-to-face instruction with online activities to reinforce learning?
A) Pure e-learning
B) Instructor-led classroom only
C) Blended learning
D) Micro-learning via mobile app only
Answer: C
Explanation: Blended learning combines in-person and digital components.

Question 53. In lesson planning, “transitions” refer to:
A) The time allocated for breaks
B) The activities that smoothly move learners from one segment to the next, maintaining flow
C) The final assessment at the end of the lesson
D) The list of required equipment
Answer: B
Explanation: Effective transitions keep momentum and prevent cognitive gaps between topics.

Question 54. An instructor guide that includes “probing questions” is intended to:
A) Fill time when the trainer runs out of material
B) Encourage deeper thinking and assess comprehension during delivery
C) Distract learners from the main content
D) Provide a script for the trainer to read verbatim
Answer: B
Explanation: Probing questions stimulate analysis and check understanding.

Question 55. Validation of training content by SMEs should occur:
A) Only after the course has been delivered to learners
B) During the development phase, before finalizing materials
C) After the pilot test, ignoring earlier feedback
D) At the very beginning, before any content is created
Answer: B
Explanation: Early SME validation ensures accuracy before large-scale production.

Question 56. A pilot test that reveals learners struggle with a particular module indicates:
A) The module should be removed entirely
B) The content or delivery method needs revision before full rollout
C) The pilot participants were not qualified
D) The assessment was too easy
Answer: B
Explanation: Identifying difficulty early allows targeted improvements.

Question 57. Standardized recordkeeping for training should include:
A) Only the names of the trainers
B) Detailed logs of curriculum versions, participant attendance, assessment results, and certification dates
C) A summary of the trainer’s personal reflections
D) A list of all coffee consumed during sessions
Answer: B
Explanation: Comprehensive records support compliance, tracking, and continuous improvement.

C) Are administered only at the end of the course
D) Consist solely of self-assessment questionnaires
Answer: B
Explanation: Immediate feedback guides learning adjustments during the instructional process.

Question 62. A reliable multiple-choice question should:
A) Have only one clearly correct answer and plausible distractors
B) Include “All of the above” as a frequent correct answer
C) Be intentionally ambiguous to challenge learners
D) Contain trick wording that confuses participants
Answer: A
Explanation: Clear correct answers and well-designed distractors enhance reliability.

Question 63. In a performance-based assessment for secure code review, the learner is required to:
A) List the top ten OWASP vulnerabilities from memory
B) Demonstrate the use of a static analysis tool on a sample codebase and interpret the findings
C) Write an essay on secure coding principles
D) Complete a timed multiple-choice quiz on code review policies
Answer: B
Explanation: Demonstrating tool usage and interpretation reflects real-world skill.

Question 64. Establishing a passing score of 80% for a practical exam reflects which principle of assessment design?
A) Making the exam easier for all learners
B) Setting a clear standard of performance that aligns with job requirements
C) Reducing the need for remediation
D) Ensuring only the top 10% pass
Answer: B
Explanation: A defined benchmark ensures that certified learners meet the competency level required for the role.

Question 65. Which Kirkpatrick level measures the learner’s satisfaction with the training experience?
A) Level 1 – Reaction
B) Level 2 – Learning
C) Level 3 – Behavior
D) Level 4 – Results
Answer: A
Explanation: Level 1 captures immediate reactions and satisfaction.

Question 66. To evaluate Level 3 (Behavior) impact, the trainer should:
A) Conduct a post-training quiz immediately after the session
B) Observe or collect data on how participants apply new skills in their work over several weeks or months
C) Survey participants about their enjoyment of the course
D) Calculate the cost savings from the training program
Answer: B
Explanation: Behavior change is measured by observing on-the-job application over time.

Question 67. Which metric best represents Kirkpatrick Level 4 (Results) for a DevSecOps training program?
A) Number of participants who completed the course
B) Increase in the number of security defects detected in production after training
C) Average score on the final assessment
D) Participant satisfaction rating on a post-course survey
Answer: B
Explanation: Level 4 assesses organizational impact, such as improved security outcomes.