2024年最新のISFS問題集の無料PDFゲットせよ!最近更新された問題 [Q41-Q64]

Share

2024年最新のISFS問題集の無料PDFゲットせよ!最近更新された問題

ISFS認定試験問題集には80練習テスト問題

質問 # 41
What is a human threat to the reliability of the information on your company website?

  • A. One of your employees commits an error in the price of a product on your website.
  • B. Because of a lack of maintenance, a fire hydrant springs a leak and floods the premises. Your employees cannot come into the office and therefore can not keep the information on the website up to date.
  • C. The computer hosting your website is overloaded and crashes. Your website is offline.

正解:A


質問 # 42
We can acquire and supply information in various ways. The value of the information depends on whether it is reliable. What are the reliability aspects of information?

  • A. Availability, Information Value and Confidentiality
  • B. Availability, Integrity and Completeness
  • C. Availability, Integrity and Confidentiality
  • D. Timeliness, Accuracy and Completeness

正解:C


質問 # 43
What is the most important reason for applying segregation of duties?

  • A. Segregation of duties makes it easier for a person who is ready with his or her part of the work to take time off or to take over the work of another person.
  • B. Segregation of duties ensures that, when a person is absent, it can be investigated whether he or she has been committing fraud.
  • C. Segregation of duties makes it clear who is responsible for what.
  • D. Tasks and responsibilities must be separated in order to minimize the opportunities for business assets to be misused or changed, whether the change be unauthorized or unintentional.

正解:D

解説:
Explanation


質問 # 44
Why is air-conditioning placed in the server room?

  • A. When a company wishes to cool its offices, the server room is the best place. This way, no office space needs to be sacrificed for such a large piece of equipment.
  • B. It is not pleasant for the maintenance staff to have to work in a server room that is too warm.
  • C. Backup tapes are made from thin plastic which cannot withstand high temperatures. Therefore, if it gets too hot in a server room, they may get damaged.
  • D. In the server room the air has to be cooled and the heat produced by the equipment has to be extracted. The air in the room is also dehumidified and filtered.

正解:D


質問 # 45
When we are at our desk, we want the information system and the necessary information to be available. We want to be able to work with the computer and access the network and our files.
What is the correct definition of availability?

  • A. The degree to which an information system is available for the users
  • B. The degree to which the continuity of an organization is guaranteed
  • C. The degree to which the system capacity is enough to allow all users to work with it
  • D. The total amount of time that an information system is accessible to the users

正解:A

解説:
Explanation/Reference:


質問 # 46
Which of the following measures is a corrective measure?

  • A. Making a backup of the data that has been created or altered that day
  • B. Restoring a backup of the correct database after a corrupt copy of the database was written over the original
  • C. Installing a virus scanner in an information system
  • D. Incorporating an Intrusion Detection System (IDS) in the design of a computer centre

正解:B


質問 # 47
What action is an unintentional human threat?

  • A. Incorrect use of fire extinguishing equipment
  • B. Arson
  • C. Theft of a laptop
  • D. Social engineering

正解:A


質問 # 48
Your organization has an office with space for 25 workstations. These workstations are all fully equipped and in use. Due to a reorganization 10 extra workstations are added, 5 of which are used for a call centre 24 hours per day. Five workstations must always be available. What physical security measures must be taken in order to ensure this?

  • A. Obtain an extra office and set up 10 workstations. You would therefore have spare equipment that can be used to replace any non-functioning equipment.
  • B. Obtain an extra office and set up 10 workstations. Ensure that there are security personnel both in the evenings and at night, so that staff can work there safely and securely.
  • C. Obtain an extra office and connect all 10 new workstations to an emergency power supply and UPS (Uninterruptible Power Supply). Adjust the access control system to the working hours of the new staff.
    Inform the building security personnel that work will also be carried out in the evenings and at night.
  • D. Obtain an extra office and provide a UPS (Uninterruptible Power Supply) for the five most important workstations.

正解:C


質問 # 49
Who is authorized to change the classification of a document?

  • A. The manager of the owner of the document
  • B. The owner of the document
  • C. The administrator of the document
  • D. The author of the document

正解:B


質問 # 50
The consultants at Smith Consultants Inc. work on laptops that are protected by asymmetrical cryptography. To keep the management of the keys cheap, all consultants use the same key pair. What is the companys risk if they operate in this manner?

  • A. If the Public Key Infrastructure (PKI) becomes known all laptops must be supplied with new keys.
  • B. If the public key becomes known all laptops must be supplied with new keys.
  • C. If the private key becomes known all laptops must be supplied with new keys.

正解:C


質問 # 51
You are the owner of the courier company SpeeDelivery. You have carried out a risk analysis and now want to determine your risk strategy. You decide to take measures for the large risks but not for the small risks. What is this risk strategy called?

  • A. Risk avoiding
  • B. Risk neutral
  • C. Risk bearing

正解:B


質問 # 52
Three characteristics determine the reliability of information. Which characteristics are these?

  • A. Availability, Nonrepudiation and Confidentiality
  • B. Availability, Integrity and Correctness
  • C. Availability, Integrity and Confidentiality

正解:C


質問 # 53
What is the best description of a risk analysis?

  • A. A risk analysis is a method of mapping risks without looking at company processes.
  • B. A risk analysis calculates the exact financial consequences of damages.
  • C. A risk analysis helps to estimate the risks and develop the appropriate security measures.

正解:C


質問 # 54
You work in the IT department of a medium-sized company. Confidential information has got into the wrong hands several times. This has hurt the image of the company. You have been asked to propose organizational security measures for laptops at your company. What is the first step that you should take?

  • A. Encrypt the hard drives of laptops and USB sticks
  • B. Set up an access control policy
  • C. Appoint security personnel
  • D. Formulate a policy regarding mobile media (PDAs, laptops, smartphones, USB sticks)

正解:D

解説:
Explanation/Reference:


質問 # 55
What is the best way to comply with legislation and regulations for personal data protection?

  • A. Maintaining an incident register
  • B. Appointing the responsibility to someone
  • C. Performing a threat analysis
  • D. Performing a vulnerability analysis

正解:B


質問 # 56
An airline company employee notices that she has access to one of the company's applications that she has not used before. Is this an information security incident?

  • A. No
  • B. Yes

正解:A


質問 # 57
Some threats are caused directly by people, others have a natural cause. What is an example of an intentional human threat?

  • A. Arson
  • B. Flood
  • C. Loss of a USB stick
  • D. Lightning strike

正解:A


質問 # 58
An employee in the administrative department of Smiths Consultants Inc. finds out that the expiry date of a contract with one of the clients is earlier than the start date. What type of measure could prevent this error?

  • A. Organizational measure
  • B. Technical measure
  • C. Availability measure
  • D. Integrity measure

正解:B

解説:
Explanation/Reference:


質問 # 59
Why is compliance important for the reliability of the information?

  • A. By meeting the legislative requirements and the regulations of both the government and internal management, an organization shows that it manages its information in a sound manner.
  • B. Compliance is another word for reliability. So, if a company indicates that it is compliant, it means that the information is managed properly.
  • C. When an organization employs a standard such as the ISO/IEC 27002 and uses it everywhere, it is compliant and therefore it guarantees the reliability of its information.
  • D. When an organization is compliant, it meets the requirements of privacy legislation and, in doing so, protects the reliability of its information.

正解:A


質問 # 60
What is the goal of an organization's security policy?

  • A. To document all procedures required to maintain information security
  • B. To define all threats to and measures for ensuring information security
  • C. To document all incidents that threaten the reliability of information
  • D. To provide direction and support to information security

正解:D


質問 # 61
You are the owner of the courier company SpeeDelivery. You employ a few people who, while waiting to make a delivery, can carry out other tasks. You notice, however, that they use this time to send and read their private mail and surf the Internet. In legal terms, in which way can the use of the Internet and e-mail facilities be best regulated?

  • A. Installing a virus scanner
  • B. Drafting a code of conduct for the use of the Internet and e-mail in which the rights and obligations of both the employer and staff are set down
  • C. Installing an application that makes certain websites no longer accessible and that filters attachments in e-mails
  • D. Implementing privacy regulations

正解:B


質問 # 62
Why do organizations have an information security policy?

  • A. In order to ensure that everyone knows who is responsible for carrying out the backup procedures.
  • B. In order to demonstrate the operation of the Plan-Do-Check-Act cycle within an organization.
  • C. In order to ensure that staff do not break any laws.
  • D. In order to give direction to how information security is set up within an organization.

正解:D


質問 # 63
What is the most important reason for applying segregation of duties?

  • A. Segregation of duties makes it easier for a person who is ready with his or her part of the work to take time off or to take over the work of another person.
  • B. Segregation of duties ensures that, when a person is absent, it can be investigated whether he or she has been committing fraud.
  • C. Segregation of duties makes it clear who is responsible for what.
  • D. Tasks and responsibilities must be separated in order to minimize the opportunities for business assets to be misused or changed, whether the change be unauthorized or unintentional.

正解:D


質問 # 64
......


ISO/IEC 27001に基づいた情報セキュリティ財団としても知られるExin ISFS認定は、情報セキュリティの分野における個人の基本的な知識を検証するグローバルに認められた認定です。この試験は、情報セキュリティの分野の候補者の基本的な知識をテストし、組織内の情報のセキュリティに貢献するために必要なスキルと知識を確保するように設計されています。

 

最新ISFS試験問題集には高得点で一発合格:https://jp.fast2test.com/ISFS-premium-file.html

EXIN ISFS実際の問題とブレーン問題集:https://drive.google.com/open?id=1LDE4tmm2HiCoKUD3XeO-Pe5_xx64LL7W


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어