OGEA-102 Practice Test

Please read this scenario prior to answering the question
You have been appointed as senior architect working for an autonomous driving technology development company. The mission of the company is to build an industry leading unified technology and software platform to support connected cars and autonomous driving.
The company uses the TOGAF Standard as the basis for its Enterprise Architecture (EA) framework. Architecture development within the company follows the purpose-based EA Capability model as described in the TOGAF Series Guide: A Practitioners'Approach to Developing Enterprise Architecture Following the TOGAF® ADM.
An architecture to support strategy has been completed defining a long-range Target Architecture with a roadmap spanning five years. This has identified the need for a portfolio of projects over the next twoyears. The portfolio includes development of travel assistance systems using swarm data from vehicles on the road.
The current phase of architecture development is focused on the Business Architecture which needs to support the core travel assistance services that the company plans to provide. The core services will manage and process the swarm data generated by vehicles, paving the way for autonomous driving in the future.
The presentation and access to different variations of data that the company plans to offer through its platform poses an architecture challenge. The application portfolio needs to interact securely with various third-party cloud services, and V2X (Vehicle-to-Everything) service providers in many countries to be able to manage the data at scale. The security of V2X is a key concern for the stakeholders. Regulators have stated that the user's privacy be always protected, for example, so that the drivers' journey cannot be tracked or reconstructed by compiling data sent or received by the car.

Refer to the scenario

You have been asked to describe the risk and security considerations you would include in the current phase of the architecture development?
Based on the TOGAF standard which of the following is the best answer?

A. You will focus on the relationship with the third parties required for the travel assistance systems and define a trust framework. This will describe the relationship with each party. Digital certificates are a key part of the framework and will be used to create trust between parties. You will monitor legal and regulatory changes across all the countries to keep the trust framework in compliance.

B. You will perform a qualitative risk assessment for the data assets exchanged with partners. This will deliver a set of priorities, high to medium to low, based on identified threats, the likelihood of occurrence, and the impact if it did occur. Using the priorities, you would then develop a Business Risk Model which will detail the risk strategy including classifications to determine what mitigation is enough.

C. You will focus on data quality as it is a key factor in risk management. You will identify the datasets that need to be safeguarded. For each dataset, you will assign ownership and responsibility for the quality of data needs. A security classification will be defined and applied to each dataset. The dataset owner will then be able to authorize processes that are trusted for a certain activity on the dataset under certain circumstances.

D. You will create a security domain model so that assets with the same level can be managed under one security policy. Since data is being shared across partners, you will establish a security federation to include them. This would include contractual arrangements, and a definition of the responsibility areas for the data exchanged, as well as security implications. You would undertake a risk assessment determining risks relevant to specific

Please read this scenario prior to answering the question

Your role is that of a senior architect, reporting to the Chief Enterprise Architect, at a medium-sized company with 400 employees. The nature of the business is such that the data and the information stored on the company systems is their major asset and is highly confidential.
The company employees travel extensively for work and must communicate over public infrastructure using message encryption, VPNs, and other standard safeguards. The company has invested in cybersecurity awareness training for all its staff. However, it is recognized that even with good education as well as system security, there is a dependency on third-parly suppliers of infrastructure and software.
The company uses the TOGAF standard as the method and guiding framework for its Enterprise Architecture (EA) practice. The CTO is the sponsor of the activity.
The Chief Security Officer (CSO) has noted an increase in ransomware (malicious software used in ransom demands) attacks on companies with a similar profile. The CSO recognizes that no matter how much is spent on education, and support, it is likely just a matter of time before the company suffers a significant attack that could completely lock them out of their information assets.
A risk assessment has been done and the company has sought cyber insurance that includes ransomware coverage. The quotation for this insurance is hugely expensive. The CTO has recently read a survey that stated that one in four organizations paying ransoms were still unable to recover their data, while nearly as many were able to recover the data without paying a ransom. The CTO has concluded that taking out cyber insurance in case they need to pay a ransom is not an option.

Refer to the scenario

You have been asked to describe the steps you would take to improve the resilience of the current architecture?
Based on the TOGAF standard which of the following is the best answer?

A. You would determine business continuity requirements, and undertake a gap analysis of the current Enterprise Architecture. You would make recommendations for change requirements to address the situation and create a change request. You would manage a meeting of the Architecture Board to assess and approve the change request. Once approved you would produce a new Request for Architecture Work to activate an ADM cycle to carry out a project t

B. You would monitor for technology changes from your existing suppliers that could improve resilience. You would prepare and run a disaster recovery planning exercise for a ransomware attack and analyze the performance of the current Enterprise Architecture. Using the findings, you would prepare a gap analysis of the current Enterprise Architecture. You would prepare change requests to address identified gaps. You would add the changes implem

C. You would ensure that the company has in place up-to-date processes for managing change to the current Enterprise Architecture. Based on the scope of the concerns raised you recommend that this be managed at the infrastructure level. Changes should be made to the baseline description of the Technology Architecture. The changes should be approved by the Architecture Board and implemented by change management techniques.

D. You would request an Architecture Compliance Review with the scope to examine the company's resilience to ransomware attacks. You would identify the departments involved and have them nominate representatives. You would then tailor checklists to address the requirement for increased resilience. You would circulate to the nominated representatives for them to complete. You would then review the completed checklists, identifying and resolving

Please read this scenario prior to answering the question

You are the Lead Enterprise Architect at a major agribusiness company. The company's main harvest is lentils, a highly valued food grown worldwide. The lentil parasite, broomrape, has been an increasing concern for many years and is now becoming resistant to chemical controls. In addition, changes in climate favor the propagation and growth of the parasite. As a result, the parasite cannot realistically be exterminated, and it has become pandemic, with lentil yields falling globally.
In response to the situation, the CEO has decided that the lentil fields will be used for another harvest. The company will also cease to process third-party lentils and will repurpose its processing plants. Thus, the target market will change, and the end-products will be different and more varied.
The company has recently established an Enterprise Architecture practice based on the TOGAF standard as method and guiding framework. The CIO is the sponsor of the activity. A formal request for architecture change has been approved. At this stage there is no fixed scope, shared vision, or objectives.

Refer to the scenario

You have been asked to propose the best approach for architecture development to realize the CEO's change in direction for the company.

Based on the TOGAF standard which of the following is the best answer?

A. You propose that this engagement define the baseline Technology Architecture first in order to assess the current infrastructure capacity and capability for the company. Then the focus should be on transition planning and incremental architecture deployment. This will identify requirements to ensure that the projects are sequenced in an optimal fashion so as to realize the change.

B. You propose that the team uses the architecture definition document and focus on architecture development starting simultaneously phases B, C and D. This is because the CEO has identified the need to change. This will ensure that the change can be defined in a structured manner and address the requirements needed to realize the change.

C. You propose that the team focus on architecture definition including development of business models, with emphasis on defining the change parameters to support this new business strategy that the CEO has identified. Once understood, the team will be in the best position to identify the requirements, drivers, issues, and constraints for the change.

D. You propose that the priority is to produce a new Request for Architecture Work leading to development of a new Architecture Vision. The trade-off method should be applied to identify and select an architecture satisfying the stakeholders. For an efficient change the EA team should be aligned with the organization's planning, budgeting, operational, and change processes.

Please read this scenario prior to answering the question

You are working as the Chief Enterprise Architect within a law firm specializing in personal injury cases. Many of the firm's competitors have improved their litigation strategies, and efficiency by streamlining their processes using Artificial Intelligence {Al).

The CIO has approved a Request for Architecture Work to examine the use of Machine Learning in defining a new Al-driven litigation and finance process for the firm. This process would instruct the lawyers and analysts as to what tasks and portfolio they should work on. The key objectives are to increase task profitability, maximize staff utilization, and increase individual profitability.

The CIO has emphasized that the architecture should enable the fast implementation of continuous Machine Learning. The solution will need to be constantly measured for delivered value and be quickly iterated to success.

Some of the partners have expressed concerns about letting the Al make the decisions, others about the risks associated with use of it for the type of service they deliver. The CIO wants to know if these concerns can be addressed, and how risks will be covered by a new architecture enabling Al and Machine Learning.

Refer to the scenario

You have been asked to respond to the CIO recommending an approach that would enable the development of an architecture that addresses the concerns of the CIO and the concerns of the partners.

Based on the TOGAF standard which of the following is the best answer?

A. You recommend that a Communications Plan be created to address the key stakeholders, the most powerful and influential partners. This plan should include a report that summarizes the key features of the architecture reflecting their requirements. You will check with each key stakeholder that their concerns are being addressed. Risk mitigation and agility will be explicitly addressed as a component of the architecture being developed.

B. You recommend that an analysis of the stakeholders is undertaken resulting in documenting the stakeholders and their concerns in a Stakeholder Map. The concerns and relevant views should then be defined for each group and recorded in the Architecture Vision document. The requirements will include risk mitigation through regular assessments. This will also allow a supervised agile implementation of the continuous Machine Learning.

C. You recommend that all possible models be created for each candidate architecture that will enable the Al and Machine Learning solution. This ensures that all the necessary data and detail is addressed. A formal review should be held with the stakeholders to verify that their concerns have been properly addressed by the models. Agility will be considered during Phase G Implementation Governance.

D. You recommend creation of a set of business models that can be applied uniformly across all architecture projects. The stakeholders will be trained to understand the business models to ensure they can see that their concerns are being addressed. Risk will be addressed once the Security Architecture is developed, which will happen later to avoid slowing down the agility required by the CIO.

You are working as an Enterprise Architect within the Enterprise Architecture (EA) team at a healthcare and life sciences company. The EA team is developing a secure system for researchers to share clinical trial information easily across the organization and with external partners.

Due to the highly sensitive nature of the information, each architecture domain must consider privacy and safety concerns. The healthcare division has been directed to minimize disruptions to clinical trials while introducing the new system gradually.

How would you identify the work packages for introducing the new system? Based on the TOGAF standard, which of the following is the best answer?

A. Use a Consolidated Gaps, Solutions, and Dependencies Matrix to create work packages and sequence them into Capability Increments. Document in a Transition Architecture State Evolution Table.

B. Identify Solution Building Blocks for development or procurement, then use a CRUD matrix to rank and select the most cost-effective work packages. Schedule the rollout sequentially across regions.

C. Use a Consolidated Gaps, Solutions, and Dependencies Matrix to classify each solution, group them into work packages, then regroup into Capability Increments. Document in an Architecture Definition Increments Table.

D. Draw up an Implementation Factor Catalog to indicate actions and constraints. Use a Consolidated Gaps, Solutions, and Dependencies Matrix, then group similar activities into work packages and identify dependencies.