最新のCOBIT-2019試験のリアル試験問題 本日無料更新されました [Q30-Q52]

Share

最新のCOBIT-2019試験のリアル試験問題 本日無料更新されました

COBIT-2019リアル試験問題解答は更新された[2025年03月06日]

質問 # 30
Which of the following comprises the "information flow" component of a governance system?

  • A. Process practices that include inputs and outputs
  • B. People, skills and competencies
  • C. Assignment of responsibility and accountability roles

正解:A


質問 # 31
Which of the following is an element of governance?

  • A. Building plans to align with the direction set by the governance body
  • B. Monitoring activities designed to achieve enterprise objectives
  • C. Evaluating stakeholder needs to determine enterprise objectives

正解:C

解説:
Explanation
An element of governance is evaluating stakeholder needs to determine enterprise objectives. This is based on the principle of stakeholder value, which states that "governance of enterprise I&T should ensure that stakeholder needs, conditions and options are evaluated to determine balanced, agreed-on enterprise objectives to be achieved; setting direction through prioritization and decision making; and monitoring performance and compliance against agreed-on direction and objectives" 1. Evaluating stakeholder needs involves identifying who the stakeholders are, what their interests and expectations are, and how they can influence or be influenced by the enterprise's activities2. 1: COBIT 2019 Framework: Introduction and Methodology, page 23 2: COBIT 2019 Framework: Governance and Management Objectives, page 18


質問 # 32
How does the flexibility of COBIT design factors benefit an enterprise?

  • A. It allows users to tailor the framework to align with specific enterprise needs.
  • B. It allows users to define and build the enterprise IT strategy from the framework.
  • C. It allows users to modify existing focus areas while ensuring new ones cannot be added.

正解:B

解説:
Reference https://community.mis.temple.edu/mis5203sec001sp2019/files/2019/01/COBIT-2019-Framework-Introduction-and-Methodology_res_eng_1118.pdf


質問 # 33
When considering the IT implementation methods design factor, and the design factor value is DevOps, which of the following should be a management objective priority?

  • A. Managed change acceptance and transitioning (BAI07)
  • B. Managed availability and capacity (BAI04)
  • C. Managed solution identification and build (BAI03)
  • D. Managed service requests and incidents (DSS02)

正解:C

解説:
Explanation
The IT implementation methods design factor describes how an enterprise develops, delivers, and maintains its IT solutions. DevOps is an IT implementation method that emphasizes collaboration, automation, integration, and feedback between the development and operations teams throughout the software development life cycle. One of the management objectives that should be prioritized when using DevOps is managed solution identification and build (BAI03), which involves defining, designing, building, testing, and deploying IT solutions that meet stakeholder requirements and expectations. This management objective supports the DevOps principles of continuous delivery, continuous integration, continuous testing, and continuous deployment, which aim to deliver high-quality IT solutions faster and more reliably.References: :
COBIT 2019 Design Guide, page 43-45 : COBIT 2019 Process Reference Guide, page 67-69


質問 # 34
Which of the following criteria must be met for a process to meet a higher capability level?

  • A. Capability is demonstrated on the most relevant process activities.
  • B. An identified subset of the activities of that level can be executed effectively.
  • C. All activities of that level are successfully performed.

正解:C

解説:
A process can meet a higher capability level if all activities of that level are successfully performed, in addition to the activities of lower levels. The capability levels range from 0 (incomplete) to 5 (optimizing), and each level has a set of generic attributes that describe the expected performance of the process activities2, p. 30. References: 2: COBIT 2019 Framework: Introduction and Methodology


質問 # 35
While value delivery focuses on the creation of value, risk management focuses on which of the following?

  • A. Optimization of value
  • B. Achievement of value
  • C. Preservation of value

正解:B


質問 # 36
Which of the following is a common characteristic of process capability levels 2 to 5?

  • A. The process's performance is monitored.
  • B. The process's purpose is achieved.
  • C. The process's description is well defined.

正解:C


質問 # 37
In most cases, management of the enterprise is the responsibility of:

  • A. the executive management team.
  • B. the project management office.
  • C. the board of directors.

正解:B

解説:
A strategic (enterprise) PMO (sometimes called the office of strategy management) plays a role in linking the organization's projects to its strategic plans.


質問 # 38
Which of the following is a KEY principle associated with the Accountable (A) role of an organizational structure?

  • A. Accountability cannot be shared.
  • B. Accountability must be approved by the board.
  • C. Accountability can be delegated.

正解:B


質問 # 39
When reviewing the risk profile of an enterprise during the governance design phase, what MUST be established prior to conducting a high-level risk analysis?

  • A. Key risk indicators (KRIs)
  • B. Risk response strategy
  • C. Risk management framework
  • D. Enterprise's risk appetite

正解:D

解説:
Explanation
The risk profile of an enterprise is a design factor that describes how an enterprise identifies, assesses, responds to, monitors, and reports on information and technology risks. The risk profile helps to determine the level of risk appetite and tolerance that an enterprise has for its information and technology activities, as well as the level of control and assurance that is required for its governance framework. When reviewing the risk profile of an enterprise during the governance design phase, one of the prerequisites that must be established prior to conducting a high-level risk analysis is the enterprise's risk appetite. The risk appetite is the amount and type of risk that an enterprise is willing to accept in pursuit of its objectives. The risk appetite provides a basis for defining the risk criteria, thresholds, indicators, and responses that will be used in the risk analysis process. The risk appetite also helps to align the governance framework with the enterprise's strategy and objectives.References: : COBIT 2019 Design Guide, page 41-43 : COBIT 2019 Framework: Introduction and Methodology, page 28-29


質問 # 40
When tailoring a governance system for an enterprise, which of the following is MOST important to consider for an operating environment with a high compliance requirement?

  • A. Enterprise strategy
  • B. Enterprise goals
  • C. Threat landscape
  • D. Geopolitical situation

正解:C

解説:
According to the COBIT 2019 Official Manual, it is important to consider the threat landscape when tailoring a governance system for an enterprise. This is especially important for operating environments with a high compliance requirement, as it helps ensure that the required security measures are in place to protect the enterprise from potential threats. Additionally, it is important to consider the enterprise goals and strategy when tailoring a governance system, as these will help inform the decisions made regarding the appropriate security measures. The geopolitical situation is not as relevant when tailoring a governance system, as it does not directly affect the security measures that need to be in place.


質問 # 41
Which of the following is the PRIMARY purpose of implementing an enterprise governance of information and technology (EGIT) system?

  • A. To comply with I&T regulatory requirements
  • B. To document I&T business objectives and processes
  • C. To deliver stakeholder value from I&T-enabled investments

正解:C

解説:
The primary purpose of implementing an enterprise governance of information and technology (EGIT) system is to deliver stakeholder value from I&T-enabled investments. An EGIT system is a set of components that provide direction, oversight, evaluation, monitoring, assurance, etc., for an enterprise's information and technology. An I&T-enabled investment is any initiative or project that involves the use of information and technology to create value for the enterprise. A stakeholder is a person or group that has an interest or concern in an enterprise's activities or outcomes. The primary purpose of implementing an EGIT system is to deliver stakeholder value from I&T-enabled investments by ensuring that they align with the enterprise strategy and objectives, optimize risks and resources, achieve expected benefits and outcomes, etc.12 References: COBIT
2019 Framework: Introduction and Methodology, COBIT 2019 Framework: Governance System


質問 # 42
Which of the following is a CRITICAL requirement when the IT function is strategic and crucial to the success of the business?

  • A. Highly capable security-related processes and ensured risk optimization
  • B. Documented IT policies and procedures
  • C. High involvement of IT-related roles in organizational structures

正解:C

解説:
Explanation
The high involvement of IT-related roles in organizational structures is a critical requirement when the IT function is strategic and crucial to the success of the business. The IT function is the part of the enterprise that is responsible for planning, delivering, operating, and supporting information and technology services. The IT function can have different levels of strategic importance for the business, depending on the nature, scope, and objectives of the enterprise. When the IT function is strategic and crucial to the success of the business, it means that information and technology are essential for creating value, achieving competitive advantage, enabling innovation, etc. In this case, it is critical to have high involvement of IT-related roles in organizational structures, such as having IT representation at the board level, having clear IT leadership roles and responsibilities, having effective IT governance committees or forums, etc.13 References: COBIT 2019 Framework: Introduction and Methodology, COBIT 2019 Framework: Roles, Responsibilities & RACI Charts


質問 # 43
Which of the following is a strategy archetype focused on increasing revenues?

  • A. Client service/stability
  • B. Growth/acquisition
  • C. Cost leadership
  • D. Innovation/differentiation

正解:B

解説:
The enterprise strategy archetype is a design factor that describes how an enterprise uses information and technology to achieve its goals and objectives. There are six enterprise strategy archetypes defined in COBIT
2019: growth/acquisition; operational excellence; customer intimacy; product leadership; data-driven; innovation-driven. Each archetype has different implications for the governance and management of information and technology in terms of focus areas processes practices roles structures,and metrics. The enterprise strategy archetype that is focused on increasing revenues is growth/acquisition. Growth/acquisition is a strategy archetype that emphasizes expanding market share revenue customer base or product range through organic growth or acquisition of other businesses or assets. This strategy archetype requires effective portfolio management of information and technology investmentsand initiatives that support business growth or acquisition objectives. Portfolio management involves selecting prioritizing balancing monitoring evaluating,and optimizing informationand technology investmentsand initiatives based on their alignment with business strategy value delivery potential risk exposure resource availability interdependencies etc.
Portfolio management also involves ensuring that informationand technology investmentsand initiatives are integrated with business processes systems structures culture etc especially in case of mergers or acquisitions.
5 References: 5: COBIT 2019 Design Guide: page 35-36 : COBIT 2019 Process Reference Guide: page 59-61


質問 # 44
Which of the following BEST describes the "managed innovation" management objective of the COBIT core model?

  • A. Achieve competitive advantage, improve customer experience and improve operational effectiveness.
  • B. Optimize available IT capabilities to support the IT strategy and roadmap.
  • C. Support the digital transformation strategy of the organization and deliver the desired value.

正解:A


質問 # 45
Which of the following MUST be done before an enterprise can determine performance measures for a process improvement initiative?

  • A. Calculate return on investment (ROI).
  • B. Conduct a capabilities assessment.
  • C. Perform a process risk assessment.

正解:C

解説:
According to the COBIT 2019 Process Assessment Model, one of the prerequisites for determining performance measures for a process improvement initiative is to perform a process risk assessment. A process risk assessment identifies and evaluates the potential threats and opportunities that may affect the achievement of process objectives. A process risk assessment also helps to prioritize improvement actions based on their impact and likelihood.4, p. 11-12 References: 4: COBIT 2019 Process Assessment Model: Using COBIT 2019


質問 # 46
Within the principles for a governance system, the value generated from the use of I&T reflects:

  • A. the ratio of costs versus achieved service levels.
  • B. maximized financial benefits to the investment portfolio.
  • C. a balance among benefits, risk and resources.

正解:C

解説:
Explanation
The value generated from the use of I&T reflects a balance among benefits, risk and resources. This is based on the principle of balance, which states that "governance of enterprise I&T should ensure that stakeholder needs, conditions and options are evaluated to determine balanced, agreed-on enterprise objectives to be achieved; setting direction through prioritization and decision making; and monitoring performance and compliance against agreed-on direction and objectives" 1. Value generation is not only about maximizing financial benefits or minimizing costs or risks, but also about optimizing them in relation to the expected outcomes7. References: 1: COBIT 2019 Framework: Introduction and Methodology, page 23 7: COBIT 2019 Framework: Governance and Management Objectives, page 19


質問 # 47
Which of the following is an important component for an enterprise strategy archetype of cost leadership as defined by COBIT 2019?

  • A. Support for the portfolio management role with an investment office
  • B. Skills and competencies
  • C. Organizational structures
  • D. Enterprise architect

正解:A

解説:
Explanation
An important component for an enterprise strategy archetype of cost leadership as defined by COBIT 2019 is support for the portfolio management role with an investment office. According to the COBIT 2019 Design Guide, cost leadership is one of the four generic enterprise strategy archetypes that describe how enterprises compete in their markets. Cost leadership means that an enterprise aims to offer the lowest prices for its products or services by minimizing its costs and maximizing its efficiency. One of the design factors that influence the governance system for a cost leadership strategy is the organizational structures. The COBIT
2019 Design Guide suggests that a cost leadership strategy requires a centralized and standardized organizational structure that supports the portfolio management role with an investment office. The portfolio management role is responsible for selecting, prioritizing, and balancing the IT investments that align with the enterprise strategy and objectives. The investment office is a function that assists the portfolio management role by providing financial analysis, reporting, and decision support. The support for the portfolio management role with an investment office helps to ensure that the IT investments are optimized for cost and value.
References: : COBIT 2019 Design Guide: Designing an Information & Technology Governance Solution, page 48 2 : COBIT 2019 Design Guide: Designing an Information & Technology Governance Solution, page
51


質問 # 48
Which of the following is an important principle of a proper governance framework?

  • A. The governance framework should allow for flexibility in addressing new issues.
  • B. The governance framework should be based on a single relevant standard, framework or regulation.
  • C. The governance framework should be rigorous and focus exclusively on prioritized existing issues.

正解:A


質問 # 49
Who is accountable for monitoring the performance of the execution of an EGIT implementation program plan against success metrics and adjusting long-term targets when necessary?

  • A. IT process owners
  • B. IT audit department
  • C. CIO
  • D. Board of directors

正解:D

解説:
According to the ISACA COBIT 2019 Framework, the Board of Directors is responsible for monitoring the performance of the execution of an EGIT implementation program plan against success metrics and adjusting long-term targets when necessary. This is specified in Domain 4, Objective 4.1: "Establish and govern the enterprise governance of IT (EGIT)". The Board of Directors is responsible for ensuring that the EGIT implementation program plan is executed according to the organization's objectives and in alignment with the enterprise strategy. Additionally, the Board of Directors is responsible for monitoring the EGIT program's progress and making adjustments when necessary.


質問 # 50
Which of the following frameworks has been used as a basis for developing guidance for the COBIT governance component of people, skills and competencies?

  • A. Skills Framework for the Information Age
  • B. Sans Security Policy Framework
  • C. Cyber Security Framework

正解:A

解説:
Explanation
The Skills Framework for the Information Age (SFIA) has been used as a basis for developing guidance for the COBIT governance component of people, skills and competencies. SFIA is a globally recognized framework that describes the skills required by professionals who work with information and technology2, p. 36. References: 2: COBIT 2019 Framework: Introduction and Methodology


質問 # 51
It is CRITICAL to perform a due diligence review following which type of event?

  • A. Shifts in the market or economy
  • B. Merger, acquisition, or divestiture
  • C. External consultant assessment
  • D. New business strategy or priority

正解:B

解説:
Explanation
A due diligence review is a process that involves conducting a comprehensive analysis and assessment of an enterprise's information and technology assets, capabilities, risks, issues, opportunities, etc., before making a significant decision or transaction. A due diligence review helps to ensure that an enterprise has a clear understanding of the current state and potential impacts of its information and technology activities on its strategy, objectives, performance, value, etc., as well as on its compliance with relevant laws, regulations, standards, guidelines, contracts, or agreements. It is critical to perform a due diligence review following a merger, acquisition, or divestiture event. A merger is an event that involves combining two or more enterprises into one entity. An acquisition is an event that involves one enterprise purchasing another enterprise or its assets. A divestiture is an event that involves one enterprise selling or transferring part of its business or assets to another enterprise. By performing a due diligence review following a merger acquisition or divestiture event an enterprise can ensure that it has identified and addressed any information and technology related risks issues gaps etc., that may arise from the integration or separation of information and technology assets capabilities processes systems structures culture etc., that it has aligned its information and technology governance and management with its new strategy objectives needs expectations etc., that it has optimized its information and technology performance and value delivery etc34 References: 3: COBIT 2019 Framework:
Governance and Management Objectives: page 20-21 4: COBIT 2019 Design Guide: page 47-48


質問 # 52
......

最新のCOBIT-2019学習ガイド2025年最新の- 提供するのはテストエンジンとPDF:https://jp.fast2test.com/COBIT-2019-premium-file.html

お手軽に合格させる最新のISACA COBIT-2019問題集には195問があります:https://drive.google.com/open?id=150EgrRPKEw4MJNwB0LdujBtPKGzR0rF0


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어