[2023年05月03日] ISFS PDFで最近更新された問題です集試験点数を伸ばそう [Q48-Q68]

Share

[2023年05月03日] ISFS PDFで最近更新された問題です集試験点数を伸ばそう

ISFS完全版問題集には無料PDF問題で合格させる


EXIN ISFS 認定試験の出題範囲:

トピック出題範囲
トピック 1
  • Describe the risks involved with insufficient technical security measures
  • Describe how the value of data and information can influence organizations
トピック 2
  • Explain the relationship between risks and security measures
  • Describe the risks involved with insufficient physical security measures
トピック 3
  • Explain the consequences of not reporting security incidents
  • Explain the objective of the classification of information
トピック 4
  • Explain why legislation and regulations are important for the reliability of information
  • Explain the difference between data and information
トピック 5
  • Give examples of legislation related to information security
  • Outline the objectives and the content of a security policy
トピック 6
  • Describe access security measures such as the segregation of duties and the use of passwords
  • Name the most important roles in the security organization
トピック 7
  • Describe the concepts identification, authentication,and authorization
  • Describe the value of data and information for organizations

 

質問 48
You work in the IT department of a medium-sized company. Confidential information has got into the wrong hands several times. This has hurt the image of the company. You have been asked to propose organizational security measures for laptops at your company. What is the first step that you should take?

  • A. Encrypt the hard drives of laptops and USB sticks
  • B. Appoint security personnel
  • C. Formulate a policy regarding mobile media (PDAs, laptops, smartphones, USB sticks)
  • D. Set up an access control policy

正解: C

解説:
Explanation/Reference:

 

質問 49
What is a human threat to the reliability of the information on your company website?

  • A. The computer hosting your website is overloaded and crashes. Your website is offline.
  • B. One of your employees commits an error in the price of a product on your website.
  • C. Because of a lack of maintenance, a fire hydrant springs a leak and floods the premises. Your employees cannot come into the office and therefore can not keep the information on the website up to date.

正解: B

 

質問 50
There is a network printer in the hallway of the company where you work. Many employees dont pick up their printouts immediately and leave them in the printer. What are the consequences of this to the reliability of the information?

  • A. The confidentiality of the information is no longer guaranteed.
  • B. The availability of the information is no longer guaranteed.
  • C. The integrity of the information is no longer guaranteed.

正解: A

解説:
Explanation

 

質問 51
Midwest Insurance controls access to its offices with a passkey system. We call this a preventive measure. What are some other measures?

  • A. Detective, repressive and corrective measures
  • B. Partial, adaptive and corrective measures
  • C. Repressive, adaptive and corrective measures

正解: A

 

質問 52
You are a consultant and are regularly hired by the Ministry of Defense to perform analysis.
Since the assignments are irregular, you outsource the administration of your business to temporary workers.
You don't want the temporary workers to have access to your reports. Which reliability aspect of the information in your reports must you protect?

  • A. Availability
  • B. Integrity
  • C. Confidentiality

正解: C

 

質問 53
Which type of malware builds a network of contaminated computers?

  • A. Storm Worm or Botnet
  • B. Trojan
  • C. Logic Bomb
  • D. Virus

正解: A

 

質問 54
An airline company employee notices that she has access to one of the company's applications that she has not used before. Is this an information security incident?

  • A. Yes
  • B. No

正解: B

解説:
Explanation

 

質問 55
You apply for a position in another company and get the job. Along with your contract, you are asked to sign a code of conduct. What is a code of conduct?

  • A. A code of conduct differs from company to company and specifies, among other things, the rules of behavior with regard to the usage of information systems.
  • B. A code of conduct is a standard part of a labor contract.
  • C. A code of conduct specifies how employees are expected to conduct themselves and is the same for all companies.

正解: A

 

質問 56
A non-human threat for computer systems is a flood. In which situation is a flood always a relevant threat?

  • A. When computer systems are kept in a cellar below ground level.
  • B. When the computer systems are not insured.
  • C. When the organization is located near a river.
  • D. If the risk analysis has not been carried out.

正解: A

 

質問 57
You are a consultant and are regularly hired by the Ministry of Defense to perform analysis.
Since the assignments are irregular, you outsource the administration of your business to temporary workers. You don't want the temporary workers to have access to your reports. Which reliability aspect of the information in your reports must you protect?

  • A. Availability
  • B. Integrity
  • C. Confidentiality

正解: C

 

質問 58
Midwest Insurance controls access to its offices with a passkey system. We call this a preventive measure.
What are some other measures?

  • A. Detective, repressive and corrective measures
  • B. Partial, adaptive and corrective measures
  • C. Repressive, adaptive and corrective measures

正解: A

 

質問 59
What is the most important reason for applying segregation of duties?

  • A. Tasks and responsibilities must be separated in order to minimize the opportunities for business assets to be misused or changed, whether the change be unauthorized or unintentional.
  • B. Segregation of duties makes it clear who is responsible for what.
  • C. Segregation of duties ensures that, when a person is absent, it can be investigated whether he or she has been committing fraud.
  • D. Segregation of duties makes it easier for a person who is ready with his or her part of the work to take time off or to take over the work of another person.

正解: A

 

質問 60
There is a network printer in the hallway of the company where you work. Many employees dont pick up their printouts immediately and leave them in the printer. What are the consequences of this to the reliability of the information?

  • A. The confidentiality of the information is no longer guaranteed.
  • B. The availability of the information is no longer guaranteed.
  • C. The integrity of the information is no longer guaranteed.

正解: A

 

質問 61
What is the best description of a risk analysis?

  • A. A risk analysis is a method of mapping risks without looking at company processes.
  • B. A risk analysis calculates the exact financial consequences of damages.
  • C. A risk analysis helps to estimate the risks and develop the appropriate security measures.

正解: C

 

質問 62
What action is an unintentional human threat?

  • A. Social engineering
  • B. Arson
  • C. Theft of a laptop
  • D. Incorrect use of fire extinguishing equipment

正解: D

 

質問 63
What physical security measure is necessary to control access to company information?

  • A. Air-conditioning
  • B. Username and password
  • C. Prohibiting the use of USB sticks
  • D. The use of break-resistant glass and doors with the right locks, frames and hinges

正解: D

 

質問 64
What do employees need to know to report a security incident?

  • A. Who is responsible for the incident and whether it was intentional.
  • B. How to report an incident and to whom.
  • C. The measures that should have been taken to prevent the incident in the first place.
  • D. Whether the incident has occurred before and what was the resulting damage.

正解: B

 

質問 65
You are the owner of SpeeDelivery courier service. Because of your companys growth you have to think about information security. You know that you have to start creating a policy. Why is it so important to have an information security policy as a starting point?

  • A. The information security policy gives direction to the information security efforts.
  • B. The information security policy establishes who is responsible for which area of information security.
  • C. The information security policy supplies instructions for the daily practice of information security.
  • D. The information security policy establishes which devices will be protected.

正解: A

 

質問 66
You are a consultant and are regularly hired by the Ministry of Defense to perform analysis. Since the assignments are irregular, you outsource the administration of your business to temporary workers. You don't want the temporary workers to have access to your reports. Which reliability aspect of the information in your reports must you protect?

  • A. Availability
  • B. Integrity
  • C. Confidentiality

正解: C

 

質問 67
Which of the following measures is a corrective measure?

  • A. Incorporating an Intrusion Detection System (IDS) in the design of a computer centre
  • B. Restoring a backup of the correct database after a corrupt copy of the database was written over the original
  • C. Making a backup of the data that has been created or altered that day
  • D. Installing a virus scanner in an information system

正解: B

 

質問 68
......

100%更新されたのはEXIN ISFS限定版PDF問題集:https://jp.fast2test.com/ISFS-premium-file.html

無料Exin Certification ISFS公式認定ガイドPDFダウンロード:https://drive.google.com/open?id=1LDE4tmm2HiCoKUD3XeO-Pe5_xx64LL7W


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어