[2025年12月] ベストな問題集を使おう EPI IT Management CITM 専門試験問題 [Q18-Q41]

Share

[2025年12月] ベストな問題集を使おうEPI IT Management CITM専門試験問題

100%の合格率を試そう!更新されたのはCITM試験問題 [2025]


EXIN CITM 認定試験の出題範囲:

トピック出題範囲
トピック 1
  • Vendor Selection
  • Management: This section measures the expertise of a Vendor Manager and covers the process of selecting and managing third-party providers. It addresses evaluating vendor capabilities, negotiating contracts, monitoring performance, and maintaining productive relationships to ensure service quality and value.
トピック 2
  • IT Organization: This domain targets an IT Operations Manager and focuses on the design and management of IT organizational structures. It includes defining roles and responsibilities, establishing governance frameworks, managing resources effectively, and fostering collaboration to support IT service delivery and business needs.
トピック 3
  • Project Management: This domain is aimed at an IT Project Manager and encompasses planning, executing, and controlling IT projects. It includes managing scope, time, cost, quality, and risks, applying project methodologies, engaging stakeholders, and delivering projects that meet business requirements.
トピック 4
  • IT Strategy: This section of the exam measures the skills of an IT Strategy Manager and covers the development and alignment of IT strategy with business objectives. It emphasizes creating strategic plans to support organizational goals, understanding emerging technologies, and ensuring that IT investments contribute to competitive advantage and operational efficiency.
トピック 5
  • Service Management: This domain targets a Service Delivery Manager and focuses on managing IT services to ensure consistent and efficient delivery. It includes establishing service level agreements (SLAs), incident and problem management, continuous service improvement, and aligning IT services with business demands.
トピック 6
  • Information Security Management: This section targets an Information Security Manager and focuses on protecting information assets from threats. It covers policy development, security controls implementation, incident response, data protection, and compliance with legal and regulatory requirements to maintain confidentiality, integrity, and availability.
トピック 7
  • Business Continuity Management: This section measures the skills of a Business Continuity Manager and covers planning and implementing strategies to ensure IT availability and resilience during disruptions. It includes risk assessment, disaster recovery planning, backup procedures, and testing to minimize business impact.

 

質問 # 18
Being part of service management, business relationship management follows the principles of the service lifecycle. Which of the below is not part of activities defined in service operation?

  • A. Communicate scheduled outages
  • B. Report service performance
  • C. Define service strategy
  • D. Escalation

正解:C

解説:
InITIL, theservice operationphase focuses on delivering and managing services, including activities like communicating scheduled outages (A), reporting service performance (B), and handling escalations (C).
Defining service strategy(D) is part of theservice strategyphase, not service operation, as it involves planning and aligning services with business goals.
Reference:EPI CITM study guide, under Service Management, likely references ITIL's service lifecycle, specifically distinguishing service operation from service strategy. Check sections on ITIL service operation or business relationship management.


質問 # 19
Activities in a project are discussed in a Work Breakdown Structure (WBS) session during the planning phase. Team members inform the project manager that whilst estimating the duration for activities, a lot of data exist about the effort required for each of them. Which estimation technique is best considered?

  • A. Comparative
  • B. Three-point
  • C. Bottom-up
  • D. Top-down

正解:C

解説:
When a lot of data exist about the effort required for project activities, thebottom-upestimation technique (D) is most appropriate. This method involves estimating the effort for each task in theWork Breakdown Structure (WBS)individually, then aggregating them to derive the total project duration or cost. It leverages detailed data for accuracy, as perPMBOK's estimation techniques.
* Top-down (A):Uses high-level estimates based on historical data or expert judgment, less accurate with detailed task data available.
* Three-point (B):Uses optimistic, pessimistic, and most likely estimates for uncertainty, but is less focused on leveraging detailed effort data.
* Comparative (C):Likely refers to analogous estimation, which relies on comparisons to past projects, not detailed task data.
Bottom-up estimation is ideal when detailed effort data is available, ensuring precision in project planning.
Reference:EPI CITM study guide, under Project Management, likely covers PMBOK's estimation techniques, emphasizing bottom-up for detailed data scenarios. Refer to sections on project planning or cost
/duration estimation.


質問 # 20
Whilst creating the IT service catalog, a needs analysis is conducted. One of the items discussed is the data points required for the IT services. What is the objective of these data points?

  • A. To determine the life expectancy of IT services
  • B. To establish the operating hours of the IT services
  • C. To identify the data being used by the customer
  • D. To measure the performance of IT services delivered

正解:D

解説:
InITIL's service catalog management, data points required for IT services are used tomeasure the performance of IT services delivered(A). These data points (e.g., uptime, response times, incident resolution rates) enable the IT provider to monitor and report on service quality, ensuring alignment with service level agreements (SLAs) and customer expectations. A needs analysis identifies key performance indicators (KPIs) to track service effectiveness.
* Identify data used by the customer (B):Focuses on customer data usage, not service performance.
* Determine life expectancy (C):Relates to service lifecycle planning, not data points.
* Establish operating hours (D):Operating hours are a service attribute, not the primary purpose of data points.
Reference:EPI CITM study guide, under Service Management, likely references ITIL's service catalog management, emphasizing KPIs for performance measurement. Check sections on service catalog or performance metrics.


質問 # 21
Whilst creating the budget for the project, stakeholders demand that the project manager submits a budget proposal as accurate as possible, supported by a Work/Product Breakdown Structure (WBS/PBS). What is the preferred budget estimation?

  • A. Bottom-up estimate
  • B. Analogous estimate
  • C. Rough Order of Magnitude (ROM)
  • D. Budget estimate

正解:A

解説:
For a budget proposal that must beas accurate as possibleand supported by aWork Breakdown Structure (WBS)orProduct Breakdown Structure (PBS), thebottom-up estimate(A) is preferred. This method involves estimating costs for each task or deliverable in the WBS/PBS, then aggregating them to calculate the total budget. According toPMBOK, bottom-up estimation leverages detailed data, ensuring high accuracy, especially when a WBS is available.
* Rough Order of Magnitude (ROM) (B):A high-level estimate with low accuracy (±50%), used early in projects, not suitable for detailed budgeting.
* Analogous estimate (C):Relies on historical data from similar projects, less accurate than bottom-up when detailed WBS data exists.
* Budget estimate (D):A general term, not a specific technique, and less precise than bottom-up.
Reference:EPI CITM study guide, under Project Management, likely references PMBOK's cost estimation techniques, emphasizing bottom-up for accurate budgeting. Refer to sections on project cost management or budgeting.


質問 # 22
During Post Implementation Review (PIR) of changes, it is lately concluded that an unusual high number of changes failed to meet their objectives. What is the most likely cause of this?

  • A. Insufficient budget allocation
  • B. Insufficient resources for change implementation
  • C. Change Advisory Board (CAB) meetings are not taking place
  • D. Lack of effort in assessing and evaluating change requests

正解:D

解説:
A high failure rate of changes duringPost Implementation Review (PIR)inITIL's change management process suggests a deficiency in theassessment and evaluation of change requests(A). Proper assessment involves analyzing risks, impacts, and feasibility before approving changes. If this step is inadequate (e.g., overlooking conflicts or underestimating impacts), changes are more likely to fail, as they may not align with objectives or be poorly planned.
* Insufficient resources (B):May cause delays but is less directly tied to failed objectives compared to poor assessment.
* CAB meetings not taking place (C):The CAB reviews changes, but the scenario doesn't indicate meetings are absent; poor assessment can occur even with CAB involvement.
* Insufficient budget (D):May limit implementation but is less likely the primary cause of failed objectives.
Reference:EPI CITM study guide, under Service Management, likely references ITIL's change management process, emphasizing the importance of change assessment. Check sections on change management or PIR.


質問 # 23
What is the correct sequence of activities for a risk assessment?

  • A. Identify - analyse - evaluate - treatment - monitor and review
  • B. Monitor and review - establish context - identify - evaluate - treatment
  • C. Communication - establish context - analyse - treatment - monitor and review
  • D. Establish context - identify - analyse - evaluate - treatment

正解:D

解説:
The correct sequence for arisk assessment, as perISO 31000andISO/IEC 27001, is:Establish context - identify - analyse - evaluate - treatment(C).
* Establish context:Define the scope, objectives, and criteria for the risk assessment (e.g., organizational goals, assets, and risk appetite).
* Identify:Identify potential risks (e.g., threats and vulnerabilities) that could impact objectives.
* Analyse:Assess the likelihood and impact of identified risks to determine their severity.
* Evaluate:Compare risks against risk criteria to prioritize them for treatment.
* Treatment:Implement controls or strategies to mitigate, avoid, transfer, or accept risks.
* Option A:Incorrect, as "monitor and review" is a post-treatment step, not the starting point.
* Option B:Incorrect, as "communication" is not a distinct step in risk assessment; it's embedded throughout.
* Option D:Incorrect, as it skips "establish context," which is essential for defining the assessment's scope.
This sequence ensures a structured, systematic approach to risk assessment, aligning with organizational objectives.
Reference:EPI CITM study guide, under Risk Management, likely references ISO 31000 or ISO/IEC 27001 for risk assessment processes. Check sections on risk assessment methodologies or risk management lifecycle.


質問 # 24
Little to no budget is available for hiring new staff for the IT service desk. What is the ideal method of sourcing knowing that little time is available?

  • A. Word of mouth
  • B. Recruitment agency
  • C. Internet job board
  • D. Internal IT staff based on a SWOT analysis

正解:C

解説:
Given the constraints oflittle to no budgetandlimited time,internet job boardsare the ideal sourcing method. They are cost-effective (often free or low-cost), allow quick posting of job openings, and reach a wide pool of candidates, enabling rapid hiring.
Word of mouth (A) is informal and may not yield qualified candidates quickly. Internal IT staff based on SWOT analysis (B) is not a standard recruitment method and takes time to analyze. Recruitment agencies (D) are expensive and slower due to their processes, making them unsuitable for low-budget, urgent hiring.
Reference:EPI CITM study guide, under IT Organization, likely discusses recruitment strategies for IT staff, emphasizing cost-effective methods like job boards. Check sections on human resource management or staffing.


質問 # 25
Senior management requests a service requirement analysis to justify the need for a vendor. During the analysis, it is concluded that the internal IT provider has insufficient manpower and lacks the skills to deliver the work required. Which gaps are identified?

  • A. Technical and organizational
  • B. Financial and technical
  • C. Financial and organizational

正解:A

解説:
The analysis identifiesinsufficient manpower(a staffing issue) andlack of skills(a capability issue) within the internal IT provider. These gaps correspond toorganizational(manpower, related to staffing and resource allocation) andtechnical(skills, related to expertise and technical capabilities) deficiencies (B).
* Financial and organizational (A):Financial gaps (e.g., budget constraints) are not mentioned in the scenario.
* Financial and technical (C):Financial issues are not indicated; the focus is on manpower and skills.
According tovendor management frameworks, identifying gaps in internal capabilities (e.g., staffing and technical expertise) justifies outsourcing to a vendor to fill these deficiencies.
Reference:EPI CITM study guide, under Vendor Selection/Management, likely covers service requirement analysis and gap identification. Check sections on vendor justification or capability assessment.


質問 # 26
In system (application) development, a use case (user story) is a list of steps defining interactions between a role and a system to achieve a goal. What type of requirement is mentioned here?

  • A. Functional requirement
  • B. Behavioral requirement
  • C. Security requirement
  • D. Non-functional requirement

正解:A

解説:
Ause caseoruser storydescribes interactions between a user (role) and the system to achieve a specific goal, defining what the system must do. This corresponds to afunctional requirement(A), which specifies the system's features or capabilities (e.g., "the system shall allow users to submit a return request"). According to SDLCand requirements engineering, functional requirements focus on specific functionalities, as captured in use cases.
* Behavioral requirement (B):Not a standard term; it may refer to system behavior but is less specific than functional requirements.
* Non-functional requirement (C):Covers performance, scalability, or usability (e.g., response time), not specific user interactions.
* Security requirement (D):A subset of non-functional requirements focused on security, not general use case interactions.
Reference:EPI CITM study guide, under Application Management, likely discusses requirements engineering in the SDLC, emphasizing functional requirements in use cases. Check sections on system design or requirements analysis.


質問 # 27
Lately, the support desk is receiving several requests for password resets from individuals who appear to be unknown to the organization. Possible criminal activities are suspected, and the organization wishes to address this issue in their information security awareness program. What is the area that requires awareness?

  • A. Instant (mobile) messaging
  • B. E-mail usage
  • C. Social engineering
  • D. Internet usage

正解:C

解説:
Requests for password resets from unknown individuals suggestsocial engineeringattacks, such as phishing or impersonation, where attackers manipulate users to gain unauthorized access. An information security awareness program should focus on educating staff about social engineering tactics to recognize and prevent such incidents.
E-mail usage (A), instant messaging (B), and internet usage (C) may be vectors for attacks, but the core issue is social engineering, which encompasses tactics used across these channels.
Reference:EPI CITM study guide, under Information Security Management, likely emphasizes social engineering in security awareness training. Refer to sections on security awareness or threat management.


質問 # 28
Controls to manage risk have been implemented and evaluated successfully. Risks are now at the level which the organization is willing to accept. What is the name of this risk?

  • A. Residual risk
  • B. Lowered risk
  • C. Modified risk
  • D. Reduced risk

正解:A

解説:
Inrisk management, after controls are implemented to mitigate risks, the remaining risk that the organization is willing to accept is calledresidual risk(C). According to frameworks likeISO/IEC 27001andCOBIT, residual risk represents the level of risk that persists after applying controls, deemed acceptable based on the organization's risk appetite. For example, if a control reduces the likelihood or impact of a threat (e.g., data breach), the remaining exposure is the residual risk, which the organization monitors but does not further mitigate unless necessary.
* Reduced risk (A):Not a standard term; implies a general decrease but lacks specificity.
* Lowered risk (B):Similar to reduced risk, not a recognized term in risk management frameworks.
* Modified risk (D):Implies risk alteration but is not a standard term for post-control risk levels.
Residual risk is a critical concept in risk management, ensuring organizations understand and accept the remaining exposure after mitigation efforts.
Reference:EPI CITM study guide, under Risk Management, likely references ISO/IEC 27001 or COBIT, emphasizing residual risk in risk assessment and treatment processes. Check sections on risk management frameworks or risk evaluation.


質問 # 29
What is the Critical Success Factor (CSF) in IT services review?

  • A. Explain shortcomings and bottlenecks during IT services review meeting with the customer
  • B. Suitable location for the IT service review meeting to take place
  • C. Inform customers on improvements made
  • D. Evaluate deliverables before meeting the customer for an IT service review

正解:D

解説:
ACritical Success Factor (CSF)inIT services review, as perITIL's service management framework, is to evaluate deliverables before meeting the customer for an IT service review(A). This ensures that the IT service provider has thoroughly assessed service performance, identified issues, and prepared actionable insights or recommendations to discuss with the customer. Pre-evaluating deliverables enables a productive review meeting, ensuring alignment with customer expectations and service level agreements (SLAs).
* Suitable location (B):Logistical factors like location are not critical to the success of the review process.
* Explain shortcomings and bottlenecks (C):While transparency is important, focusing only on issues without prior evaluation may undermine the review's effectiveness.
* Inform customers on improvements (D):Informing about improvements is part of the review but not the CSF; evaluation of deliverables is the foundation for meaningful discussions.
Reference:EPI CITM study guide, under Service Management, likely references ITIL's service review processes, emphasizing preparation and evaluation. Check sections on service level management or service review.


質問 # 30
The introduction of a security awareness program has resulted in a quick decrease in security incidents. Eight months later, security incidents are showing a sudden increase, and the blame is put on a non-functioning security awareness program. What is most likely the cause?

  • A. Insufficient budget
  • B. Scope of the program is too narrow, not covering all areas of interest
  • C. Message materials are few and static, and renewal is not taking place
  • D. Lack of resources for instructor-led sessions

正解:C

解説:
Security awareness programs require ongoing engagement to remain effective. If security incidents decrease initially but increase after eight months, the most likely cause is thatmessage materials are few and static, and renewal is not taking place(C). Static content becomes outdated or ignored over time, reducing its impact. Regular updates, new campaigns, and varied delivery methods (e.g., videos, quizzes) are essential to maintain employee awareness and adapt to evolving threats, as perISO/IEC 27001orNISTsecurity awareness guidelines.
* Insufficient budget (A):While budget constraints could limit program scope, there's no evidence in the scenario to suggest this is the primary issue.
* Scope too narrow (B):A narrow scope might limit effectiveness initially, but the initial success suggests the scope was adequate; the issue is sustaining engagement.
* Lack of resources for instructor-led sessions (D):Instructor-led sessions are one delivery method, but the core issue is likely outdated content rather than delivery format.
Reference:EPI CITM study guide, under Information Security Management, likely discusses security awareness program maintenance, emphasizing the need for regular content updates. Refer to sections on security awareness or human factors in security.


質問 # 31
As part of feedback collection techniques, it is suggested to include anonymous feedback. What would be the most likely reason for this?

  • A. Easier processing of data collected
  • B. Reduced time spent for feedback participant
  • C. Avoidance of non-compliance to regulations
  • D. Promotion of honest feedback while avoiding fear for backfiring on the participant

正解:D

解説:
The primary reason for includinganonymous feedbackin feedback collection is topromote honest feedback while avoiding fear for backfiring on the participant(B). Anonymity encourages participants to provide candid, truthful responses without worrying about repercussions, such as criticism or retaliation, which is critical inservice managementfor gathering accurate insights into service quality or issues. According toITIL' s continual service improvement (CSI), honest feedback is essential for identifying areas for improvement.
* Avoidance of non-compliance (A):Anonymity is unrelated to regulatory compliance in this context.
* Easier processing of data (C):Anonymity may complicate data processing by removing identifiers, not simplifying it.
* Reduced time (D):Anonymity doesn't inherently reduce the time required for feedback.
Reference:EPI CITM study guide, under Service Management, likely discusses feedback collection in ITIL's CSI framework, emphasizing anonymity for honest input. Check sections on customer feedback or service improvement.


質問 # 32
A selection process for new IT staff has started. The Human Resource department has requested to follow the corporate staff hiring protocol. One mandatory item to be included is additional screening. What is verified by doing this?

  • A. Salary demands
  • B. Educational level
  • C. Number of years working experience
  • D. Criminal record

正解:D

解説:
In corporate hiring protocols,additional screeningtypically refers to background checks beyond basic qualifications, such as verifying a candidate'scriminal record. This is critical for IT roles, where employees may have access to sensitive systems and data, ensuring trustworthiness and compliance with security policies.
Salary demands (A) are negotiated during the hiring process, not screened. Number of years of experience (B) and educational level (D) are verified through resumes and standard checks, not typically classified as
"additional screening," which focuses on security-related checks like criminal records.
Reference:EPI CITM study guide, under IT Organization, likely covers hiring protocols and security considerations, emphasizing background checks for IT staff. Check sections on human resource management or information security management.


質問 # 33
Due to technical and operational constraints, the preferred control to lower the risks identified is to outsource part of IT operations to an external vendor. What type of risk treatment is applied here?

  • A. Modification
  • B. Retention
  • C. Transferred
  • D. Sharing

正解:C

解説:
Outsourcing IT operations to an external vendor is a form ofrisk transfer(C), where the responsibility for managing certain risks (e.g., operational or technical risks) is shifted to the vendor. According toISO 31000, risk treatment strategies include transferring risk to a third party, often through contracts or outsourcing agreements, where the vendor assumes responsibility for mitigating specific risks.
* Sharing (A):Involves distributing risk among multiple parties, not fully transferring it to one.
* Retention (B):Means accepting the risk without mitigation, not applicable here.
* Modification (D):Refers to changing processes or controls to reduce risk, not outsourcing.
Reference:EPI CITM study guide, under Risk Management, likely references ISO 31000's risk treatment strategies, including risk transfer. Check sections on risk treatment or outsourcing.


質問 # 34
The organization's online retail system popularity has resulted in global demand. To provide customers with a
24x7 option for support in regard to returning products, a virtual assistant is designed providing simple instructions based on pre-defined questions which are commonly asked by customers. Which type of Machine Learning (ML) is applied?

  • A. Deep learning
  • B. Reinforcement learning
  • C. Unsupervised
  • D. Supervised

正解:D

解説:
The scenario describes a virtual assistant designed to provide simple instructions for product returns based on pre-defined questionscommonly asked by customers. This indicates the use ofsupervised machine learning (B), where the system is trained on a labeled dataset (e.g., questions paired with correct responses) to predict appropriate answers. Supervised learning is ideal for applications like chatbots or virtual assistants that rely on predefined input-output pairs to handle customer queries efficiently.
* Unsupervised (A):Involves finding patterns in unlabeled data (e.g., clustering), not suitable for predefined question-response tasks.
* Reinforcement learning (C):Focuses on learning through trial and error with rewards, used in dynamic environments (e.g., robotics), not for static question answering.
* Deep learning (D):A subset of supervised or unsupervised learning using neural networks, but the question doesn't specify complex architectures, making supervised learning the broader, correct choice.
Supervised learning aligns withIT strategyfor deploying AI-driven customer support tools, as it ensures accurate, predictable responses based on trained data, enhancing user experience in a global retail system.
Reference:EPI CITM study guide, under IT Strategy, likely discusses emerging technologies like AI and machine learning, emphasizing supervised learning for customer-facing applications. Refer to sections on artificial intelligence or customer support technologies.


質問 # 35
Business is changing fast, resulting in the need to formally appoint a new staff member responsible for guiding the process in a controlled manner. Which role does apply?

  • A. Service Level Manager
  • B. Risk Manager
  • C. Business Relationship Manager
  • D. Change Manager

正解:D

解説:
In a fast-changing business environment, aChange Manager(D) is responsible for guiding the change process in a controlled manner. According toITIL, the Change Manager oversees the change management process, ensuring that changes to IT services or infrastructure are assessed, approved, and implemented with minimal disruption to business operations. This role is critical when rapid business changes require structured control to maintain stability and alignment with organizational goals.
* Risk Manager (A):Focuses on identifying and mitigating risks, not directly managing change processes.
* Service Level Manager (B):Ensures service levels meet agreed standards, focusing on service delivery rather than change control.
* Business Relationship Manager (C):Manages relationships with business stakeholders to align IT services with needs, not specifically change processes.
The Change Manager's role, as defined in ITIL's change management framework, is essential for controlling the pace and impact of changes in a dynamic environment.
Reference:EPI CITM study guide, under Service Management, likely references ITIL's change management processes, detailing the Change Manager's responsibilities. Check sections on ITIL change management or service transition.


質問 # 36
The new social media platform is multi-media supported and will generate a large volume of raw data. The marketing department has a need for advanced analysis of this data. Which data management technology applies best?

  • A. Digital Asset Management (DAM)
  • B. Big Data Analysis
  • C. Online Analytical Processing (OLAP)
  • D. Master Data Management (MDM)

正解:B

解説:
The scenario describes a social media platform generating alarge volume of raw data(e.g., user interactions, multimedia content) and a need foradvanced analysisby the marketing department.Big Data Analysis(D) is the best technology, as it handles large, unstructured datasets and uses advanced techniques (e.g., machine learning, predictive analytics) to derive insights, such as user behavior or campaign effectiveness.
* Master Data Management (MDM) (A):Focuses on managing core business data (e.g., customer records) for consistency, not analyzing large raw datasets.
* Digital Asset Management (DAM) (B):Manages multimedia assets (e.g., images, videos) for storage and retrieval, not advanced analysis.
* Online Analytical Processing (OLAP) (C):Supports multidimensional analysis of structured data but is less suited for unstructured, large-scale social media data compared to big data tools.
Big Data Analysis aligns withIT strategyfor leveraging large datasets to drive business value, as per modern data management frameworks.
Reference:EPI CITM study guide, under IT Strategy, likely discusses data management technologies, emphasizing big data for advanced analytics. Refer to sections on data analytics or emerging technologies.


質問 # 37
Senior management is concerned fraudulent activities may take place during large financial transactions. To reduce the risk of fraud, it expects the proper controls to be in place. Which security principle is in need of the highest attention?

  • A. Confidentiality
  • B. Availability
  • C. Reliability
  • D. Integrity

正解:D

解説:
To reduce the risk of fraud in large financial transactions, the security principle ofintegrity(C) requires the highest attention.Integrity, as perISO/IEC 27001's CIA triad (Confidentiality, Integrity, Availability), ensures that data is accurate, complete, and unaltered. Fraud often involves manipulating transaction data, so controls like data validation, checksums, or audit trails are critical to maintain integrity and prevent unauthorized changes.
* Confidentiality (A):Protects data from unauthorized access, less directly related to fraud prevention.
* Availability (B):Ensures system access, not the primary concern for fraud.
* Reliability (D):Not a standard CIA triad principle; may relate to system performance but not fraud.
Reference:EPI CITM study guide, under Information Security Management, likely references the CIA triad, emphasizing integrity for fraud prevention. Check sections on security principles or fraud controls.


質問 # 38
One particular incident repeatedly occurs every first day of the working week. As part of problem management, it is decided to gather a group of technical specialists to conduct problem analysis. Which technique is recommended?

  • A. 5-Whys
  • B. Technical observation post
  • C. Kepner-Tregoe
  • D. Fault isolation

正解:A

解説:
For a recurring incident,problem managementinITILaims to identify the root cause to prevent future occurrences. The5-Whystechnique (C) is recommended as it involves repeatedly asking "why" to drill down to the root cause of the issue. This simple, effective method is suitable for a group of technical specialists analyzing a recurring problem, such as an incident occurring every Monday, which may stem from a specific process, configuration, or system issue.
* Kepner-Tregoe (A):A structured decision-making and problem-solving method, more complex and less focused on root cause analysis alone.
* Technical observation post (B):Not a standard problem management technique; likely a distractor.
* Fault isolation (D):Focuses on isolating faulty components, more applicable to hardware issues than recurring process-related incidents.
The 5-Whys technique is widely used in ITIL problem management for its simplicity and effectiveness in collaborative root cause analysis.
Reference:EPI CITM study guide, under Service Management, likely references ITIL's problem management techniques, including 5-Whys. Check sections on problem analysis or root cause analysis.


質問 # 39
......

CITM試験問題を今すぐ試そう!最新の[2025年最新] 正解回答付き:https://jp.fast2test.com/CITM-premium-file.html

合格させるCITM試験にはリアル問題解答:https://drive.google.com/open?id=1Cm6qBAzYxawv9I3zWvG4vp9p1atGJ-MO


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어