検証済みCybersecurity-Audit-Certificate問題集と解答で2023年最新のCybersecurity-Audit-Certificateをダウンロード [Q21-Q45]

Share

検証済みCybersecurity-Audit-Certificate問題集と解答で2023年最新のCybersecurity-Audit-Certificateをダウンロード

更新された100%カバー率リアルCybersecurity-Audit-Certificate試験問題で100%合格保証付いてます

質問 # 21
Which of the following is the GREATEST drawback when using the AICPA/CICA Trust Sen/ices to evaluate a cloud service provider?

  • A. Lack of specificity m the principles
  • B. Incompatibility with cloud service business model
  • C. Omission of confidentiality in the criteria
  • D. Inability to issue SOC 2 or SOC 3 reports

正解:A

解説:
Explanation
The GREATEST drawback when using the AICPA/CICA Trust Services to evaluate a cloud service provider is the lack of specificity in the principles. This is because the AICPA/CICA Trust Services are a set of principles and criteria that provide guidance for evaluating and reporting on controls over information systems and services. However, the principles and criteria are very broad and generic, and do not address the specific risks and challenges that are associated with cloud services, such as data sovereignty, multi-tenancy, portability, etc. The other options are not drawbacks when using the AICPA/CICA Trust Services to evaluate a cloud service provider, but rather different aspects or benefits of using the AICPA/CICA Trust Services to evaluate a cloud service provider, such as compatibility (A), confidentiality C, or reporting (D).


質問 # 22
Which of the following is an attack attribute of an advanced persistent threat (APT) that is designed to remove data from systems and networks?

  • A. Infiltration attack vector
  • B. Adversarial threat event
  • C. Kill chain modeling
  • D. Exfiltration attack vector

正解:D

解説:
Explanation
An example of an attack attribute of an advanced persistent threat (APT) that is designed to remove data from systems and networks is an exfiltration attack vector. An exfiltration attack vector is a method or channel that an APT uses to transfer data from a compromised system or network to an external location. Examples of exfiltration attack vectors include email, FTP, DNS, HTTP, or covert channels.


質問 # 23
Which of the following is the BEST indication that an organization's vulnerability management process is operating effectively?

  • A. The vulnerability program is formally approved
  • B. The vulnerability program is reviewed annually.
  • C. Remediation efforts are prioritized.
  • D. Remediation efforts are communicated to management

正解:C

解説:
Explanation
The BEST indication that an organization's vulnerability management process is operating effectively is that remediation efforts are prioritized. This is because prioritizing remediation efforts helps to ensure that the most critical and urgent vulnerabilities are addressed first, based on their severity, impact, and exploitability.
Prioritizing remediation efforts also helps to optimize the use of resources and time for mitigating vulnerabilities and reducing risks. The other options are not as indicative of an effective vulnerability management process, because they either involve communicating (A), approving (B), or reviewing C aspects that are not directly related to remediating vulnerabilities.


質問 # 24
What is the FIRST activity associated with a successful cyber attack?

  • A. Creating attack tools
  • B. Reconnaissance
  • C. Maintaining a presence
  • D. Exploitation

正解:B

解説:
Explanation
The FIRST activity associated with a successful cyber attack is reconnaissance. This is because reconnaissance is a phase of the cyber attack lifecycle that involves gathering information about the target organization or system, such as its network topology, IP addresses, open ports, services, vulnerabilities, etc. Reconnaissance helps to identify potential entry points and weaknesses that can be exploited by the attackers in later phases of the attack. The other options are not the first activity associated with a successful cyber attack, but rather follow after reconnaissance in the cyber attack lifecycle, such as exploitation (A), maintaining a presence C, or creating attack tools (D).


質問 # 25
Which of the following is the BEST indication of mature third-party vendor risk management for an organization?

  • A. The organization's security program follows the thud party's security program.
  • B. The third party's security program Mows the organization s security program.
  • C. The third party maintains annual assessments of control effectiveness.
  • D. The organization maintains vendor security assessment checklists.

正解:D

解説:
Explanation
The BEST indication of mature third-party vendor risk management for an organization is that the organization maintains vendor security assessment checklists. This is because vendor security assessment checklists help the organization to evaluate and monitor the security posture and performance of their third-party vendors, based on predefined criteria and standards. Vendor security assessment checklists also help the organization to identify and mitigate any gaps or issues in the vendor's security controls or processes.
The other options are not as indicative of mature third-party vendor risk management for an organization, because they either involve following or mimicking the security program of either party without considering their own needs or risks (A, D), or relying on the vendor's self-assessment without independent verification or validation C.


質問 # 26
Which of the following provides the GREATEST assurance that data can be recovered and restored in a timely manner in the event of data loss?

  • A. Data backups are available onsite for recovery.
  • B. The recovery plan is executed during or after an event
  • C. Backups of information are regularly tested.
  • D. full data backup is performed daily.

正解:C

解説:
Explanation
The feature that provides the GREATEST assurance that data can be recovered and restored in a timely manner in the event of data loss is that backups of information are regularly tested. This is because testing backups helps to ensure that they are valid, complete, and usable, and that they can be restored within the expected time frame and without errors or corruption. Testing backups also helps to identify and resolve any issues or problems with the backup process, media, or software. The other options are not features that provide the greatest assurance that data can be recovered and restored in a timely manner in the event of data loss, but rather different aspects or factors that affect the backup process, such as availability (B), execution C, or frequency (D) of backups.


質問 # 27
Which of the following is the BEST method of maintaining the confidentiality of digital information?

  • A. Use of backups and business continuity planning
  • B. Use of access controls, file permissions, and encryption
  • C. Use of logging digital signatures, and write protection
  • D. Use of the awareness tracing programs and related end-user testing

正解:B

解説:
Explanation
The BEST method of maintaining the confidentiality of digital information is using access controls, file permissions, and encryption. This is because these techniques help to prevent unauthorized access, disclosure, or modification of digital information, by restricting who can access the information, what they can do with it, and how they can access it. The other options are not as effective as using access controls, file permissions, and encryption, because they either relate to protecting availability (B), integrity C, or awareness (D).


質問 # 28
Which of the following is the GREATEST advantage of using a virtual private network (VPN) over dedicated circuits and dial-in servers?

  • A. It is more secure
  • B. It is more cost effective.
  • C. It is higher speed.
  • D. It is more reliable

正解:B

解説:
Explanation
The GREATEST advantage of using a virtual private network (VPN) over dedicated circuits and dial-in servers is that it is more cost effective. This is because a VPN is a technology that creates a secure and encrypted connection between a client and a server over an existing public network, such as the Internet. A VPN reduces the cost of establishing and maintaining a secure communication channel, as it does not require any additional hardware, software, or infrastructure, unlike dedicated circuits and dial-in servers, which require dedicated lines, modems, routers, switches, etc. The other options are not the greatest advantage of using a VPN over dedicated circuits and dial-in servers, because they either involve security (A), reliability (B), or speed C aspects that may not be significantly different or better than dedicated circuits and dial-in servers.


質問 # 29
One way to control the integrity of digital assets is through the use of:

  • A. frameworks.
  • B. caching
  • C. hashing.
  • D. policies.

正解:C

解説:
Explanation
One way to control the integrity of digital assets is through the use of hashing. This is because hashing is a technique that applies a mathematical function to a digital asset, such as a file or a message, and produces a unique and fixed-length value, known as a hash or a digest. Hashing helps to verify the integrity of digital assets, by comparing the hash values before and after transmission or storage, and detecting any changes or modifications to the original asset. The other options are not ways to control the integrity of digital assets, but rather different concepts or techniques that are related to information security, such as policies (A), frameworks (B), or caching C.


質問 # 30
Cyber threat intelligence aims to research and analyze trends and technical developments in which of the following areas?

  • A. Cybersecurity operations management
  • B. Cybercrime, hacktism. and espionage
  • C. Cybersecurity risk scenarios
  • D. Industry-specific security regulator

正解:B

解説:
Explanation
Cyber threat intelligence aims to research and analyze trends and technical developments in the areas of cybercrime, hacktivism, and espionage. These are the main sources of malicious cyber activities that pose risks to organizations and individuals. Cyber threat intelligence helps to understand the motivations, capabilities, tactics, techniques, and procedures of various threat actors and groups.


質問 # 31
The second line of defense in cybersecurity includes:

  • A. risk management monitoring, and measurement of controls.
  • B. conducting organization-wide control self-assessments.
  • C. separate reporting to the audit committee within the organization.
  • D. performing attack and breach penetration testing.

正解:A

解説:
Explanation
The second line of defense in cybersecurity includes risk management monitoring, and measurement of controls. This is because the second line of defense is responsible for ensuring that the first line of defense (the operational managers and staff who own and manage risks) is effectively designed and operating as intended.
The second line of defense also provides guidance, oversight, and challenge to the first line of defense. The other options are not part of the second line of defense, but rather belong to the first line of defense (A), the third line of defense C, or an external service provider (D).


質問 # 32
Which of the following presents the GREATEST challenge to information risk management when outsourcing IT function to a third party?

  • A. It is difficult to determine vendor financial viability to assess their potential inability to meet contract requirements.
  • B. Providers may be reluctant to share technical delays on the extent of their information protection mechanisms.
  • C. Providers may be restricted from providing detailed ^formation on their employees.
  • D. It is difficult to know the applicable regulatory requirements when data is located on another country.

正解:B

解説:
Explanation
The GREATEST challenge to information risk management when outsourcing IT function to a third party is that providers may be reluctant to share technical details on the extent of their information protection mechanisms. This is because providers may consider their information protection mechanisms as proprietary or confidential, or may not want to reveal their weaknesses or vulnerabilities. This makes it difficult for the outsourcing organization to assess the level of security and compliance of the provider, and to monitor and audit their performance. The other options are not as challenging as providers being reluctant to share technical details, because they either involve legal or contractual aspects that can be clarified or negotiated before outsourcing (A, D), or human resource aspects that can be verified or validated by the provider C.


質問 # 33
Which of the following contains the essential elements of effective processes and describes an improvement path considering quality and effectiveness?

  • A. Capability maturity model integration
  • B. 60 270042009
  • C. Balanced scorecard
  • D. COBIT 5

正解:A

解説:
Explanation
The document that contains the essential elements of effective processes and describes an improvement path considering quality and effectiveness is Capability Maturity Model Integration (CMMI). This is because CMMI is a framework that defines five levels of process maturity, from initial to optimized, and provides best practices and guidelines for improving the quality and effectiveness of processes across different domains, such as software development, service delivery, or cybersecurity. The other options are not documents that contain the essential elements of effective processes and describe an improvement path considering quality and effectiveness, but rather different types of documents or tools that provide guidance or recommendations for implementing policies or controls, such as Balanced Scorecard (B), ISO 27004:2009 C, or COBIT 5 (D).


質問 # 34
Which process converts extracted information to a format understood by investigators?

  • A. Reporting
  • B. imaging
  • C. Filtering
  • D. Ingestion

正解:A

解説:
Explanation
The process that converts extracted information to a format understood by investigators is reporting. This is because reporting is a technique that involves presenting and communicating the results and findings of an investigation in a clear, concise, and accurate manner, using appropriate formats, such as tables, charts, graphs, etc. Reporting helps to convey the meaning and significance of the extracted information to the investigators, as well as other stakeholders, such as management, auditors, regulators, etc. The other options are not processes that convert extracted information to a format understood by investigators, but rather different techniques that are related to information extraction or analysis, such as ingestion (B), imaging C, or filtering (D).


質問 # 35
Which of the following cloud characteristics refers to resource utilization that can be optimized by leveraging charge-per-use capabilities?

  • A. Measured service
  • B. On demand self-service
  • C. Elasticity
  • D. Resource pooling

正解:A

解説:
Explanation
The cloud characteristic that refers to resource utilization that can be optimized by leveraging charge-per-use capabilities is measured service. This is because measured service is a characteristic of cloud computing that involves monitoring, controlling, and reporting on the usage and consumption of cloud resources by cloud providers and consumers. Measured service helps to optimize resource utilization by leveraging charge-per-use capabilities, which means that cloud consumers only pay for the amount of resources that they actually use or consume, rather than paying for fixed or predetermined amounts of resources. The other options are not cloud characteristics that refer to resource utilization that can be optimized by leveraging charge-per-use capabilities, but rather different characteristics of cloud computing that describe other aspects or benefits of cloud services, such as on demand self-service (A), elasticity (B), or resource pooling (D).


質問 # 36
Which of the following is the SLOWEST method of restoring data from backup media?

  • A. Differential Backup
  • B. Full backup
  • C. Monthly backup
  • D. Incremental backup

正解:D

解説:
Explanation
The SLOWEST method of restoring data from backup media is an incremental backup. This is because an incremental backup is a type of backup that only copies the files that have been created or modified since the previous backup, whether it was a full or an incremental backup. An incremental backup makes the restoration process slower, as it requires restoring multiple backups in a specific order and sequence, starting from the last full backup and then applying each incremental backup until the desired point in time is reached. The other options are not methods of restoring data from backup media that are slower than an incremental backup, but rather different types of backup procedures that copy files based on different criteria, such as monthly backup (A), full backup (B), or differential backup C.


質問 # 37
Which of the following is a MAIN benefit of using Security as a Service (SECaaS) providers?

  • A. Available security services from providers are affordable to enterprises of all sizes.
  • B. Significant investments and specialized security skills are not required.
  • C. Enterprises can use the latest technologies to counter threats that are constantly evolving.
  • D. SECaaS providers are compliant with specific security requirements and new regulations.

正解:B

解説:
Explanation
A MAIN benefit of using Security as a Service (SECaaS) providers is that significant investments and specialized security skills are not required. SECaaS is a type of cloud service model that provides security solutions and services to customers over the internet. SECaaS providers can offer various security functions such as antivirus, firewall, encryption, identity management, vulnerability scanning, and incident response. By using SECaaS providers, customers can save costs and resources on acquiring, maintaining, and updating security hardware and software. Customers can also leverage the expertise and experience of the SECaaS providers to address their security needs and challenges.


質問 # 38
Which of the following is MOST important to ensure the successful implementation of continuous auditing?

  • A. Surplus processing capacity
  • B. Top management support
  • C. Budget for additional storage hardware
  • D. Budget for additional technical resources

正解:B

解説:
Explanation
The MOST important factor to ensure the successful implementation of continuous auditing is top management support. This is because top management support helps to provide the vision, direction, and resources for implementing continuous auditing within the organization. Top management support also helps to overcome any resistance or challenges that may arise from implementing continuous auditing, such as cultural change, stakeholder buy-in, process reengineering, etc. Top management support also helps to ensure that the results and findings of continuous auditing are communicated and acted upon by the relevant decision-makers and stakeholders. The other options are not factors that are more important than top management support for ensuring the successful implementation of continuous auditing, but rather different aspects or benefits of continuous auditing, such as storage hardware (A), technical resources (B), or processing capacity (D).


質問 # 39
Which of the following backup procedure would only copy files that have changed since the last backup was made?

  • A. Differential backup
  • B. Full backup
  • C. Incremental backup
  • D. Daily backup

正解:C

解説:
Explanation
The backup procedure that would only copy files that have changed since the last backup was made is an incremental backup. This is because an incremental backup is a type of backup that only copies the files that have been created or modified since the previous backup, whether it was a full or an incremental backup. An incremental backup helps to reduce the backup time and storage space, as well as the recovery time, as only the changed files need to be restored. The other options are not backup procedures that would only copy files that have changed since the last backup was made, but rather different types of backup procedures that copy files based on different criteria, such as daily backup (B), differential backup C, or full backup (D).


質問 # 40
Which of the following is a passive activity that could be used by an attacker during reconnaissance to gather information about an organization?

  • A. Scanning the network perimeter
  • B. Crafting counterfeit websites
  • C. Social engineering
  • D. Using open source discovery

正解:D

解説:
Explanation
A passive activity that could be used by an attacker during reconnaissance to gather information about an organization is using open source discovery. This is because open source discovery is a technique that involves collecting and analyzing publicly available information about an organization, such as its website, social media, press releases, annual reports, etc. Open source discovery does not require any direct interaction or communication with the target organization or its systems or network, and therefore does not generate any traffic or alerts that could be detected by the organization's security controls. The other options are not passive activities that could be used by an attacker during reconnaissance to gather information about an organization, but rather active activities that involve direct or indirect interaction or communication with the target organization or its systems or network, such as scanning the network perimeter (B), social engineering C, or crafting counterfeit websites (D).


質問 # 41
Which of the following is a client-server program that opens a secure, encrypted command-line shell session from the Internet for remote logon?

  • A. IPsec
  • B. SFTP
  • C. VPN
  • D. SSH

正解:D

解説:
Explanation
The correct answer is C. SSH.
SSH stands for Secure Shell, a client-server program that opens a secure, encrypted command-line shell session from the Internet for remote logon. SSH allows users to remotely access and execute commands on a server without exposing their credentials or data to eavesdropping, tampering or replay attacks. SSH also supports secure file transfer protocols such as SFTP and SCP1.
VPN stands for Virtual Private Network, a technology that creates a secure, encrypted tunnel between two or more devices over a public network such as the Internet. VPN allows users to access resources on a remote network as if they were physically connected to it, while protecting their privacy and identity2.
IPsec stands for Internet Protocol Security, a set of protocols that provides security at the network layer of the Internet. IPsec supports two modes: transport mode and tunnel mode. Transport mode encrypts only the payload of each packet, while tunnel mode encrypts the entire packet, including the header. IPsec can be used to secure VPN connections, as well as other applications that require data confidentiality, integrity and authentication3.
SFTP stands for Secure File Transfer Protocol, a protocol that uses SSH to securely transfer files between a client and a server over a network. SFTP provides encryption, authentication and compression features to ensure the security and reliability of file transfers.
1: SSH (Secure Shell) 2: What is a VPN? How It Works, Types of VPN | Kaspersky 3: IPsec - Wikipedia :
[SFTP - Wikipedia]


質問 # 42
A data loss prevention (DLP) program helps protect an organization from:

  • A. crypto ransomware infection.
  • B. unauthorized data modification.
  • C. unauthorized access to servers and applications.
  • D. exfiltration of sensitive data.

正解:D

解説:
Explanation
A data loss prevention (DLP) program helps protect an organization from exfiltration of sensitive data. This is because exfiltration of sensitive data is a type of cyberattack that involves stealing or leaking sensitive or confidential information from an organization's systems or networks to an external destination or party.
Exfiltration of sensitive data can cause serious harm to an organization's reputation, operations, finances, legal compliance, etc. A DLP program helps to prevent exfiltration of sensitive data by detecting and blocking any unauthorized or suspicious attempts to access, copy, transfer, or share sensitive data by users or applications.
The other options are not cyberattacks that a DLP program helps protect an organization from, but rather different types of cyberattacks that affect other aspects or objectives of information security, such as crypto ransomware infection (A), unauthorized access to servers and applications (B), or unauthorized data modification C.


質問 # 43
Which of the following is the MOST cost-effective technique for implementing network security for human resources (HR) desktops and internal laptop users in an organization?

  • A. Software defined perimeter
  • B. Fortified demilitarized zone
  • C. Layer 3 virtual private network
  • D. Virtual local area network

正解:D

解説:
Explanation
The MOST cost-effective technique for implementing network security for human resources (HR) desktops and internal laptop users in an organization is using a virtual local area network (VLAN). A VLAN is a logical grouping of network devices that share the same broadcast domain regardless of their physical location or connection. A VLAN can enhance network security by isolating different types of traffic or users from each other and applying different security policies or rules based on the VLAN membership. For example, an organization can create a VLAN for HR desktops and internal laptop users that restricts their access to only HR-related systems or resources. A VLAN can also reduce network costs by saving bandwidth, improving performance, and simplifying management.


質問 # 44
Which of the following is MOST important to verify when reviewing the effectiveness of an organization's identity management program?

  • A. Processes are centralized and standardized.
  • B. Processes are aligned with industry best practices.
  • C. Processes are approved by the process owner.
  • D. Processes are updated and documented annually.

正解:B

解説:
Explanation
The MOST important thing to verify when reviewing the effectiveness of an organization's identity management program is whether the processes are aligned with industry best practices. Identity management is the process of managing the identities and access rights of users across an organization's systems and resources. Industry best practices provide guidelines and standards for how to implement identity management in a secure, efficient, and compliant manner.


質問 # 45
......

リアル問題集で100%無料Cybersecurity-Audit-Certificate試験問題集を試そう:https://jp.fast2test.com/Cybersecurity-Audit-Certificate-premium-file.html


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어