2025年04月 ISACA Cybersecurity-Audit-Certificate実際にある問題と100%カバー率リアル試験問題 [Q29-Q54]

Share

2025年04月 ISACA Cybersecurity-Audit-Certificate実際にある問題と100%カバー率リアル試験問題

Cybersecurity-Audit-Certificate無料試験問題と解答PDF最新問題2025年04月

質問 # 29
The "recover" function of the NISI cybersecurity framework is concerned with:

  • A. planning for resilience and timely repair of compromised capacities and service.
  • B. identifying critical data to be recovered m case of a security incident.
  • C. allocating costs incurred as part of the implementation of cybersecurity measures.
  • D. taking appropriate action to contain and eradicate a security incident.

正解:A

解説:
Explanation
The "recover" function of the NIST cybersecurity framework is concerned with planning for resilience and timely repair of compromised capacities and service. This is because the recover function helps organizations to restore normal operations as quickly as possible after a cybersecurity incident, while also learning from the incident and improving their security posture. The other options are not part of the recover function, but rather belong to the identify (B), respond C, or protect (D) functions.


質問 # 30
The second line of defense in cybersecurity includes:

  • A. performing attack and breach penetration testing.
  • B. conducting organization-wide control self-assessments.
  • C. risk management monitoring, and measurement of controls.
  • D. separate reporting to the audit committee within the organization.

正解:C

解説:
The second line of defense in cybersecurity includes risk management monitoring, and measurement of controls. This is because the second line of defense is responsible for ensuring that the first line of defense (the operational managers and staff who own and manage risks) is effectively designed and operating as intended. The second line of defense also provides guidance, oversight, and challenge to the first line of defense. The other options are not part of the second line of defense, but rather belong to the first line of defense (A), the third line of defense C, or an external service provider (D).


質問 # 31
An information security procedure indicates a requirement to sandbox emails. What does this requirement mean?

  • A. Ensure the emails are encrypted and provide nonrepudiation.
  • B. isolate the emails and test for malicious content
  • C. Provide a backup of emails in the event of a disaster
  • D. Guarantee rapid email delivery through firewalls.

正解:B

解説:
Explanation
An information security procedure that indicates a requirement to sandbox emails means that the emails need to be isolated and tested for malicious content. This is because sandboxing is a technique that creates a virtual or isolated environment, where suspicious or untrusted emails can be executed or analyzed without affecting the rest of the system or network. Sandboxing helps to detect and prevent malware, phishing, or spam attacks that may be embedded in emails, and protect the users and the organization from potential harm. The other options are not what sandboxing emails means, but rather different concepts or techniques that are related to information security, such as encryption and nonrepudiation (A), backup and recovery (B), or firewall and delivery (D).


質問 # 32
Which type of firewall blocks many types of attacks, such as cross-site scripting (XSS) and structured query language (SQL) injection?

  • A. Stateful inspection
  • B. Web application
  • C. Intrusion detection
  • D. Host-based

正解:B

解説:
A web application firewall (WAF) is specifically designed to monitor, filter, and block HTTP traffic to and from a web application. It is different from other types of firewalls because it can filter the content of specific web applications. By inspecting HTTP traffic, a WAF can prevent attacks stemming from web application security flaws, such as SQL injection and cross-site scripting (XSS), file inclusion, and security misconfigurations.


質問 # 33
Which of the following is a limitation of intrusion detection systems (IDS)?

  • A. Limited evidence on intrusive activity
  • B. Application-level vulnerabilities
  • C. Weak passwords for the administration console
  • D. Lack of Interface with system tools

正解:B

解説:
Explanation
A limitation of intrusion detection systems (IDS) is that they cannot detect application-level vulnerabilities. An IDS is a tool that monitors network traffic or system activity and alerts on any suspicious or malicious events.
However, an IDS cannot analyze the logic or functionality of applications and identify vulnerabilities such as SQL injection, cross-site scripting, or broken authentication.


質問 # 34
Which of the following defines the minimum acceptable rules for policy compliance?

  • A. Frameworks
  • B. Baselines
  • C. Guidelines
  • D. Standards

正解:D

解説:
Standards define the minimum acceptable rules for policy compliance. They are established by consensus and approved by a recognized body that provides for common and repeated use, rules, guidelines, or characteristics for activities or their results, aimed at the achievement of the optimum degree of order in a given context.


質問 # 35
Which of the following would provide the BEST basis for allocating proportional protection activities when comprehensive classification is not feasible?

  • A. Comprehensive cyber insurance procurement
  • B. Business process re-engineering
  • C. Business dependency assessment
  • D. Single classification level allocation

正解:C

解説:
The BEST basis for allocating proportional protection activities when comprehensive classification is not feasible is a business dependency assessment. This is because a business dependency assessment helps to identify the criticality and sensitivity of business processes and their supporting assets, based on their contribution to the organization's objectives and value proposition. This allows for prioritizing protection activities according to the level of risk and impact. The other options are not as effective as a business dependency assessment, because they either use a single classification level allocation (A), which does not account for different levels of risk and impact; require a significant amount of time and resources to perform a business process re-engineering (B); or rely on external parties to cover potential losses without reducing the likelihood or impact of incidents (D).


質問 # 36
Which of the following is the MOST important step to determine the risks posed to an organization by social media?

  • A. Review costs related to the organization's social media outages.
  • B. Review access control processes for the organization's social media accounts.
  • C. Review cybersecurity insurance requirements for the organization s social media.
  • D. Review the disaster recovery strategy for the organization's social media.

正解:B

解説:
The MOST important step to determine the risks posed to an organization by social media is to review access control processes for the organization's social media accounts. This is because access control processes help to ensure that only authorized users can access, modify, or share the organization's social media accounts and content, and prevent unauthorized or malicious access or disclosure of sensitive or confidential information. Access control processes also help to protect the organization's reputation and brand image from being compromised or damaged by unauthorized or inappropriate social media posts. The other options are not as important as reviewing access control processes for the organization's social media accounts, because they either relate to costs (A), insurance (B), or recovery C aspects that are not directly related to the risks posed by social media.


質問 # 37
Which intrusion detection system component is responsible for collecting data in the form of network packets, log files, or system call traces?

  • A. Packet filters
  • B. Sensors
  • C. Administration modules
  • D. Analyzers

正解:B

解説:
Explanation
The intrusion detection system component that is responsible for collecting data in the form of network packets, log files, or system call traces is sensors. This is because sensors are components of an intrusion detection system that are deployed on various locations or points of the network or system, such as routers, switches, servers, etc., and that capture and collect data from the network traffic or system activities. Sensors then forward the collected data to another component of the intrusion detection system, such as analyzers, for further processing and analysis. The other options are not components of an intrusion detection system that are responsible for collecting data in the form of network packets, log files, or system call traces, but rather different components or techniques that are related to intrusion detection or prevention, such as packet filters (A), analyzers (B), or administration modules C.


質問 # 38
Which type of tools look for anomalies in user behavior?

  • A. Audit reduction tools
  • B. Attack-signature-detection tools
  • C. Rootkit detection tools
  • D. Trend/variance-detection tools

正解:D

解説:
Explanation
Trend/variance-detection tools are tools that look for anomalies in user behavior. These tools use statistical methods to establish a baseline of normal user activity and then compare it with current or historical data to identify deviations or outliers. These tools can help to detect unauthorized access, fraud, insider threats, or other malicious activities.


質問 # 39
Why are security frameworks an important part of a cybersecurity strategy?

  • A. They are required for regulatory compliance.
  • B. They serve to integrate and guide activities.
  • C. They contain the necessary policies and standards.
  • D. They provide protection to the organization.

正解:B

解説:
Security frameworks are crucial in a cybersecurity strategy because they provide a structured approach to managing and mitigating risks. They help in integrating various cybersecurity activities and guiding them towards achieving the strategic objectives of the organization. By establishing a common language and systematic methodology, they ensure that all parts of the organization's cybersecurity program are aligned and working cohesively.


質問 # 40
Which of the following BEST helps IT administrators to ensure servers have no unnecessary features installed?

  • A. Comparison against information security policy
  • B. Comparison against baseline standards
  • C. Review of vulnerability scanning results
  • D. Verification of user acceptance testing

正解:A

解説:
To ensure servers have no unnecessary features installed, IT administrators should compare the current server configuration against predefined baseline standards. These standards serve as a guide for the minimum necessary configurations and help identify any deviations, including unnecessary features or services that may introduce security vulnerabilities.
Reference = Baseline standards are a critical component of cybersecurity audits as they provide a clear framework for the secure configuration of systems. ISACA's resources emphasize the importance of using baseline standards as part of the cybersecurity audit process to manage and mitigate risks effectively123.


質問 # 41
Which of the following is a feature of an intrusion detection system (IDS)?

  • A. Automated response
  • B. Back doors into applications
  • C. Interface with firewalls
  • D. Intrusion prevention

正解:A

解説:
A feature of an intrusion detection system (IDS) is automated response. This is because an IDS is a system that monitors network or system activities for malicious or anomalous behavior, and alerts or reports on any detected incidents. An IDS can also perform automated response actions, such as blocking traffic, terminating sessions, or sending notifications, to contain or mitigate the incidents. The other options are not features of an IDS, but rather different concepts or techniques that are related to intrusion detection or prevention, such as intrusion prevention (A), interface with firewalls C, or back doors into applications (D).


質問 # 42
in key protection/management, access should be aligned with which of the following?

  • A. Role descriptions
  • B. Least privilege
  • C. Position responsibilities
  • D. System limitation

正解:B

解説:
Explanation
In key protection/management, access should be aligned with the principle of least privilege. This means that users should only have the minimum level of access required to perform their tasks and no more. This reduces the risk of unauthorized access, misuse, or compromise of sensitive data or systems.


質問 # 43
Which of the following presents the GREATEST challenge to information risk management when outsourcing IT function to a third party?

  • A. It is difficult to know the applicable regulatory requirements when data is located on another country.
  • B. It is difficult to determine vendor financial viability to assess their potential inability to meet contract requirements.
  • C. Providers may be reluctant to share technical delays on the extent of their information protection mechanisms.
  • D. Providers may be restricted from providing detailed ^formation on their employees.

正解:C

解説:
The GREATEST challenge to information risk management when outsourcing IT function to a third party is that providers may be reluctant to share technical details on the extent of their information protection mechanisms. This is because providers may consider their information protection mechanisms as proprietary or confidential, or may not want to reveal their weaknesses or vulnerabilities. This makes it difficult for the outsourcing organization to assess the level of security and compliance of the provider, and to monitor and audit their performance. The other options are not as challenging as providers being reluctant to share technical details, because they either involve legal or contractual aspects that can be clarified or negotiated before outsourcing (A, D), or human resource aspects that can be verified or validated by the provider C.


質問 # 44
One way to control the integrity of digital assets is through the use of:

  • A. frameworks.
  • B. hashing.
  • C. caching
  • D. policies.

正解:B

解説:
One way to control the integrity of digital assets is through the use of hashing. This is because hashing is a technique that applies a mathematical function to a digital asset, such as a file or a message, and produces a unique and fixed-length value, known as a hash or a digest. Hashing helps to verify the integrity of digital assets, by comparing the hash values before and after transmission or storage, and detecting any changes or modifications to the original asset. The other options are not ways to control the integrity of digital assets, but rather different concepts or techniques that are related to information security, such as policies (A), frameworks (B), or caching C.


質問 # 45
One way to control the integrity of digital assets is through the use of:

  • A. frameworks.
  • B. hashing.
  • C. caching.
  • D. policies.

正解:B

解説:
Hashing is a method used to ensure the integrity of digital assets. It involves applying a hash function to the digital asset's data to produce a unique hash value. This value acts as a digital fingerprint; any alteration to the data will result in a different hash value when the hash function is reapplied. This makes it easy to detect unauthorized changes to the data, thereby protecting the integrity of the digital assets.


質問 # 46
A cloud service provider is used to perform analytics on an organization's sensitive dat a. A data leakage incident occurs in the service providers network from a regulatory perspective, who is responsible for the data breach?

  • A. Dependent upon the nature of breath
  • B. The organization
  • C. Dependent upon specific regulatory requirements
  • D. The service provider

正解:B

解説:
A cloud service provider is used to perform analytics on an organization's sensitive data. A data leakage incident occurs in the service provider's network. From a regulatory perspective, the organization is responsible for the data breach. This is because the organization is the data owner and has the ultimate accountability and liability for the security and privacy of its data, regardless of where it is stored or processed. The organization cannot transfer or delegate its responsibility to the service provider, even if there is a contractual agreement or service level agreement that specifies the security obligations of the service provider. The other options are not correct, because they either imply that the service provider is responsible (A), or that the responsibility depends on the nature of breach (B) or specific regulatory requirements C, which are not relevant factors.


質問 # 47
Which of the following is an objective of public key infrastructure (PKI)?

  • A. Securely distributing secret keys to the communicating parties
  • B. Approving the algorithm to be used during data transmission
  • C. Creating the private-public key pair for secure communications
  • D. Independently authenticating the validity of the sender's public key

正解:D

解説:
Explanation
An objective of public key infrastructure (PKI) is to independently authenticate the validity of the sender's public key. PKI is a system that uses cryptographic keys to secure communications and transactions. PKI involves a trusted third party called a certificate authority (CA) that issues digital certificates that link a public key with an identity. The recipient can use the CA's public key to verify the sender's certificate and public key.


質問 # 48
Which of the following features of continuous auditing provides the BEST level of assurance over traditional sampling?

  • A. Reports can be generated more frequently for management.
  • B. Automated tools provide more reliability than an auditors personal judgment
  • C. Voluminous dale can be analyzed at a high speed to show relevant patterns.
  • D. Continuous auditing tools are less complex for auditors to manage.

正解:C

解説:
Explanation
The feature of continuous auditing that provides the BEST level of assurance over traditional sampling is that voluminous data can be analyzed at a high speed to show relevant patterns. This is because continuous auditing is a technique that uses automated tools and processes to perform audit activities on a continuous or near-real-time basis, and to analyze large amounts of data from various sources and systems. Continuous auditing helps to provide a higher level of assurance than traditional sampling, by covering the entire population of transactions or events, rather than a subset or sample, and by identifying trends, anomalies, or exceptions that may indicate risks or issues. The other options are not features of continuous auditing that provide the best level of assurance over traditional sampling, but rather different aspects or benefits of continuous auditing, such as reporting frequency (A), reliability (B), or complexity (D).


質問 # 49
Which of the following is the BEST method of maintaining the confidentiality of digital information?

  • A. Use of access controls, file permissions, and encryption
  • B. Use of logging digital signatures, and write protection
  • C. Use of the awareness tracing programs and related end-user testing
  • D. Use of backups and business continuity planning

正解:A

解説:
Explanation
The BEST method of maintaining the confidentiality of digital information is using access controls, file permissions, and encryption. This is because these techniques help to prevent unauthorized access, disclosure, or modification of digital information, by restricting who can access the information, what they can do with it, and how they can access it. The other options are not as effective as using access controls, file permissions, and encryption, because they either relate to protecting availability (B), integrity C, or awareness (D).


質問 # 50
Which of the following is the GREATEST risk pertaining to sensitive data leakage when users set mobile devices to "always on" mode?

  • A. A user's behavior pattern can be predicted.
  • B. Authorization tokens could be exploited.
  • C. An adversary can predict a user's login credentials.
  • D. Mobile connectivity could be severely weakened.

正解:B

解説:
Explanation
The GREATEST risk pertaining to sensitive data leakage when users set mobile devices to "always on" mode is that authorization tokens could be exploited. Authorization tokens are pieces of data that are used to authenticate users and grant them access to certain resources or services. Authorization tokens are often stored on mobile devices to enable seamless and convenient access without requiring users to enter their credentials repeatedly. However, if users set their mobile devices to "always on" mode, they increase the risk of losing their devices or having them stolen by attackers. Attackers can then access the authorization tokens stored on the devices and use them to impersonate the users or access their sensitive data.


質問 # 51
Which of the following is the MOST relevant type of audit to conduct when fraud has been detected following an incident?

  • A. Financial audit
  • B. Cybersecurity audit
  • C. Cyber insurance audit
  • D. Forensics audit

正解:D

解説:
When fraud has been detected following an incident, a forensics audit is the most relevant type of audit to conduct. A forensics audit is specifically designed to investigate and uncover evidence of fraud, misconduct, or other financial crimes. It involves the use of auditing and investigative skills to examine financial records, identify irregularities, and gather evidence that can be used in legal proceedings1.


質問 # 52
Which of the following is a feature of a stateful inspection firewall?

  • A. It is capable of detecting and blocking sophisticated attacks
  • B. It tracks the destination IP address of each packet that leaves the organization's internal network.
  • C. It prevents any attack initiated and originated by an insider.
  • D. It translates the MAC address to the destination IP address of each packet that enters the organization's internal network.

正解:A

解説:
Explanation
A feature of a stateful inspection firewall is that it is capable of detecting and blocking sophisticated attacks. A stateful inspection firewall is a type of firewall that monitors and analyzes the state and context of network traffic. It keeps track of the source, destination, protocol, port, and session information of each packet and compares it with a set of predefined rules. A stateful inspection firewall can detect and block attacks that exploit the logic or behavior of network protocols or applications, such as fragmentation attacks, session hijacking, or application-layer attacks.


質問 # 53
Which of the following is a passive activity that could be used by an attacker during reconnaissance to gather information about an organization?

  • A. Crafting counterfeit websites
  • B. Social engineering
  • C. Scanning the network perimeter
  • D. Using open source discovery

正解:D

解説:
A passive activity that could be used by an attacker during reconnaissance to gather information about an organization is using open source discovery. This is because open source discovery is a technique that involves collecting and analyzing publicly available information about an organization, such as its website, social media, press releases, annual reports, etc. Open source discovery does not require any direct interaction or communication with the target organization or its systems or network, and therefore does not generate any traffic or alerts that could be detected by the organization's security controls. The other options are not passive activities that could be used by an attacker during reconnaissance to gather information about an organization, but rather active activities that involve direct or indirect interaction or communication with the target organization or its systems or network, such as scanning the network perimeter (B), social engineering C, or crafting counterfeit websites (D).


質問 # 54
......

ISACA Cybersecurity-Audit-Certificateリアル2025年最新のブレーン問題集模擬試験問題集:https://jp.fast2test.com/Cybersecurity-Audit-Certificate-premium-file.html


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어