The Open Group TOGAF Enterprise Architecture Combined Part 1 and Part 2 Sample Questions:

1. Which of the following are two of the architecture domains that are considered as subsets of an overall Enterprise Architecture?

A) Vision, Target
B) Business, Technology
C) Strategy, Enterprise
D) Technology, Digital

2. Which of the following is a responsibility of an Architecture Board?

A) Conducting assessments of the maturity level of architecture discipline within the organization
B) Achieving consistency between sub-architectures
C) Determining the scope of an architecture compliance review
D) Allocating resources for architecture projects

3. Please read this scenario prior to answering the question
You are employed as an Enterprise Architect, reporting to the Chief Enterprise Architect, at a technology company. The company uses the TOGAF standard as the method and guiding framework for its Enterprise Architecture (EA) practice.
The nature of the business is such that the data and the information stored on the company systems is the company's major asset and is highly confidential. The company employees travel a lot for work and need to communicate over public infrastructure. They use message encryption, secure internet connections using Virtual Private Networks (VPNs), and other standard security measures. The company has provided computer security awareness training for all its staff. However, despite good education and system security, there is still a need to rely on third-party suppliers for infrastructure and software.
The Chief Security Officer (CSO) has noted an increase in ransomware (malicious software used in ransom demands) attacks on companies with a similar profile. The CSO recognizes that no matter how much is spent on education, and support, the company could be a victim of a significant attack that could completely lock them out of their important data.
A risk assessment has been completed and the company has looked for cyber insurance that covers ransomware. The price for this insurance is very high. The CTO recently saw a survey that said 1 out of 4 businesses that paid ransoms could not get their data back, and almost the same number were able to recover the data without paying. The CTO has decided not to get cyber insurance to cover ransom payment.
The Chief Technology Officer (CTO) is the sponsor of the EA project. The practice uses an iterative approach for its architecture development. This has enabled the decision makers to gain valuable insights into the different aspects of the business.
Refer to the scenario
You have been asked to describe the steps you would take to strengthen the current architecture to improve data protection.
Based on the TOGAF standard which of the following is the best answer?

A) You would ensure that the business value and cost of continuity measures are understood by key stakeholders and would ensure that the company has in place up-to-date processes for managing change to the current Enterprise Architecture. You recommend that mitigation for a ransomware attach be addressed at the infrastructure level with specific technology controls. Changes should be made to the baseline description of the Technology Architecture. The changes should be approved by the Architecture Board and a change request approved.
B) You would hold an Architecture Compliance Review with the scope to examine the company's ability to respond to ransomware attacks. You would identify the departments involved and have them nominate representatives. You would then tailor checklists to address the requirement for increased business continuity and resilience. You would circulate to the nominated representatives for them to complete. You would then review the completed checklists, identifying and resolving issues. You would then determine and present your recommendations.
C) You would contact existing suppliers for technology that could enhance the company's capabilities to detect, react, and recover from an incident. You would perform an analysis and assessment of a simulated ransomware attack to evaluate the current Enterprise Architecture's resilience and recovery capabilities. Using the findings, you would prepare a gap analysis of the current Enterprise Architecture. You would prepare change requests to address identified gaps. You would add the changes implemented to the Architecture Repository.
D) You would run an assessment to identify the business continuity requirements and analyze thecurrent Enterprise Architecture for gaps. You would create a change request to start a further cycle of architecture work to address changes to mitigate such an attack. You would arrange a meeting of the Architecture Board to assess and approve the change request. Once approved you would create a new Request for Architecture Work to begin an ADM cycle to implement the changes.

4. Complete the sentence. Actions arising from the Business Transformation Readiness Assessment technique should be incorporated in the

A) Architecture Requirements Specification
B) Architecture Roadmap
C) Implementation Governance Model
D) Implementation and Migration Plan

5. Scenario:
You are working as an Enterprise Architect within an Enterprise Architecture (EA) team at an electric vehicle manufacturer. The company produces electric cars and battery systems. The goal of the company is to build the best technology and software platform for electric vehicles.
The company has decided to introduce a major change to its vehicle design over a five-year period. This will be a cross-functional effort between hardware and software teams, delivering significant new features in the vehicles they manufacture. It is planned to be developed in phases.
An architecture to support strategy has been completed with a roadmap for a set of projects.
The EA team has inherited the architecture for the hardware and software automotive platform used by current vehicles, some of which can be carried over to the new vehicle design. The EA team has started to define which parts of the architecture to carry forward.
The presentation and access to different variations of data that the company plans to offer through its vehicles creates an architecture challenge. The application portfolio and supportinginfrastructure must connect with multiple cloud services and data repositories in different countries to be able to handle large-scale data.
Enough of the Business Architecture has been defined, so that work can commence on the Information Systems and Technology Architectures. These architectures need to be defined to support the primary business services that the company plans to provide. These services will manage and process the data created by vehicles, paving the way for self-driving vehicles in the future.
The company uses the TOGAF Standard as the basis for its Enterprise Architecture framework.
The EA team reports to the Chief Technical Officer (CTO), who is the sponsor of the EA program.
The CTO requires that the EA team follow the purpose-based EA Capability model as described in:
The TOGAF Series Guide: A Practitioners' Approach to Developing Enterprise Architecture Following the TOGAF ADM.
Refer to the scenario:
You have been asked how to decide and organize the work to deliver the requested architectures.
Based on the TOGAF standard, which of the following is the best answer?

A) You research leading data companies, using your findings to help in developing high-level Target Data, Application, and Technology Architectures. You review the Architecture Vision to determine the level of detail, time, and scope of the ADM cycle phases required for architecture development for the project. You identify and estimate the cost of the main work packages. You then create an Architecture Roadmap and request the Architecture Board to approve the roadmap. You then start the project.
B) You look to the superior architecture to help plan your approach. You identify projects, dependencies, and synergies, then decide the order for starting the projects. You then develop high-level architecture descriptions. For each project, you determine how much work is needed, identify reference architectures, and candidate building blocks. You identify the resource needs taking into account cost and value. You document the different options, risks, and ways to control them to enable feasibility analysis and trade-offs with the stakeholders.
C) You look outside the company to study how other companies organize their data models and application portfolios. You request just enough architecture description for the Application, Data, and Technology Architectures to identify different options. For each project, this includesidentifying architecture and solution building blocks. You then identify solution providers and perform a readiness assessment on the new approaches.
D) You commence an iteration of ADM Phase A, identifying the stakeholders and revising the Architecture Vision. You perform a Stakeholder Analysis and update the Stakeholder Map created for the strategic architecture so it reflects the stakeholders who are now the most important to the projects that are to be developed. You then request the CTO to make some choices about the Architecture Roadmap and update the Implementation and Migration Plan to reflect the choices.

Solutions: