ExamTopics Logo
Mail Us[email protected]
Menu
The-Open-Group Discussions
exam questions

Exam OGEA-103 All Questions

View all questions & answers for the OGEA-103 exam
Go to Exam

Exam OGEA-103 topic 1 question 120 discussion

Actual exam question from The Open Group's OGEA-103
Question #: 120
Topic #: 1
[All OGEA-103 Questions]

Please read this scenario prior to answering the question

You are an Enterprise Architect working at an electric vehicle manufacturer. You are part of an Enterprise Architecture (EA) team that has responsibilities across multiple divisions of the company. The company produces electric cars, and battery systems. The goal of the company is to build the best technology and software platform to support self-driving cars.

An architecture to support strategy has been completed defining a long-term Target Architecture with a roadmap over five years. This has identified the need for a portfolio of projects over the next two years. The portfolio includes the development of travel assistance systems using data gathered from multiple vehicles on the road.

The design of the presentation and accessibility of different types of data that the company plans to offer through its platform appears to be challenging. It is important for the application portfolio to work securely with third-party cloud services and V2X (Vehicle-to-Everything) service providers across many countries in order to effectively manage large amounts of data. Stakeholders are particularly concerned about the security of V2X. Regulations in various markets mandate that user privacy must always be safeguarded, to prevent tracking and compiling of data that could reveal drivers’ journeys.

The company uses the TOGAF Standard as the basis for its Enterprise Architecture framework. Architecture development within the company uses the purpose-based EA Capability Model as described in the TOGAF Series Guide: A Practitioner’s Approach to Developing Enterprise Architecture Following the TOGAF® ADM. The EA team reports to the Chief Information Officer (CIO), who is the sponsor of the EA program.

The current phase of architecture development is focused on the Business Architecture, which needs to support the primary travel assistance services that the company plans to provide. These services will manage and process the data created by vehicles, paving the way for self-driving vehicles in the future.


Refer to the scenario -

You have been asked to describe the risk and security considerations you would include in the current phase of the architecture development.

Based on the TOGAF Standard, which of the following is the best answer?

  • A. You focus on data quality as it is a key factor in risk management. You identify the datasets that need to be safeguarded. For each dataset, you assign ownership and responsibility for the quality of data needs. A security classification will be defined and applied to each dataset. The dataset owner is then able to authorize processes that are trusted for a certain activity on the dataset under specific circumstances.
  • B. You perform a qualitative risk assessment for the data assets exchanged with partners. This delivers a set of priorities, high to medium to low, based on identified threats, the likelihood of occurrence, and the impact if it does occur. Using the priorities, you then develop a Business Risk Model that details the risk strategy including classifications to determine what mitigation is enough.
  • C. You create a security domain model so that assets with the same level can be managed under one security policy. Since data is being shared across partners, you establish a security federation to include them. This includes contractual arrangements, and a definition of the responsibility areas for the exchanged data, as well as security implications. You undertake a risk assessment determining risks relevant to specific data assets.
  • D. You focus on the relationship with the third parties required for the travel assistance systems and define a trust framework. This describes the relationship with each party. Digital certificates are a key part of the framework and will be used to create trust between parties. You monitor legal and regulatory changes across all countries to keep the trust framework in compliance.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by LYogi at July 3, 2025, 4:47 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
LYogi
5 days, 18 hours ago
Selected Answer: B
The question specifically asks about risk and security considerations for the Business Architecture phase. This phase defines the organizational structure, business processes, and business services required to achieve the target. Security considerations at this level should address the business implications of risk, data sensitivity, and external interactions, laying the groundwork for more detailed technical security in later phases.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel