
Fast2test CITM問題集52問でEPI IT Managementを確実実践
リアル最新CITM試験問題CITM問題集
EXIN CITM 認定試験の出題範囲:
| トピック | 出題範囲 |
|---|---|
| トピック 1 |
|
| トピック 2 |
|
| トピック 3 |
|
| トピック 4 |
|
| トピック 5 |
|
| トピック 6 |
|
質問 # 25
Your organization considers a job rotation program. What is the main objective?
- A. Allow staff a diversity in their daily responsibilities
- B. Train staff on a range of activities common in daily operations
- C. Support the long-term continuity of the organization
- D. Increase staff job satisfaction
正解:C
解説:
The main objective of ajob rotation programin anIT organizationis tosupport the long-term continuity of the organization(A). Job rotation ensures that multiple staff members are trained across various roles and tasks, reducing dependency on specific individuals and mitigating risks associated with staff turnover or absences. This approach enhances organizational resilience by creating a flexible, cross-trained workforce capable of maintaining operations, aligning withIT organizationprinciples for workforce planning and business continuity.
* Train staff on a range of activities (B):While training is a benefit, it is a means to achieve continuity, not the primary objective.
* Increase staff job satisfaction (C):Job satisfaction may be a secondary benefit, but it's not the main goal in an IT context.
* Allow staff a diversity in responsibilities (D):Diversity in tasks is a byproduct, not the primary focus, which is organizational continuity.
According tohuman resource managementframeworks, job rotation is a strategic tool for ensuring operational stability, particularly in IT environments where specialized skills are critical.
Reference:EPI CITM study guide, under IT Organization, likely discusses workforce planning and job rotation for continuity. Check sections on human resource management or organizational resilience.
質問 # 26
Senior management is concerned fraudulent activities may take place during large financial transactions. To reduce the risk of fraud, it expects the proper controls to be in place. Which security principle is in need of the highest attention?
- A. Integrity
- B. Confidentiality
- C. Availability
- D. Reliability
正解:A
解説:
To reduce the risk of fraud in large financial transactions, the security principle ofintegrity(C) requires the highest attention.Integrity, as perISO/IEC 27001's CIA triad (Confidentiality, Integrity, Availability), ensures that data is accurate, complete, and unaltered. Fraud often involves manipulating transaction data, so controls like data validation, checksums, or audit trails are critical to maintain integrity and prevent unauthorized changes.
* Confidentiality (A):Protects data from unauthorized access, less directly related to fraud prevention.
* Availability (B):Ensures system access, not the primary concern for fraud.
* Reliability (D):Not a standard CIA triad principle; may relate to system performance but not fraud.
Reference:EPI CITM study guide, under Information Security Management, likely references the CIA triad, emphasizing integrity for fraud prevention. Check sections on security principles or fraud controls.
質問 # 27
The new social media platform is multi-media supported and will generate a large volume of raw data. The marketing department has a need for advanced analysis of this data. Which data management technology applies best?
- A. Digital Asset Management (DAM)
- B. Big Data Analysis
- C. Master Data Management (MDM)
- D. Online Analytical Processing (OLAP)
正解:B
解説:
The scenario describes a social media platform generating alarge volume of raw data(e.g., user interactions, multimedia content) and a need foradvanced analysisby the marketing department.Big Data Analysis(D) is the best technology, as it handles large, unstructured datasets and uses advanced techniques (e.g., machine learning, predictive analytics) to derive insights, such as user behavior or campaign effectiveness.
* Master Data Management (MDM) (A):Focuses on managing core business data (e.g., customer records) for consistency, not analyzing large raw datasets.
* Digital Asset Management (DAM) (B):Manages multimedia assets (e.g., images, videos) for storage and retrieval, not advanced analysis.
* Online Analytical Processing (OLAP) (C):Supports multidimensional analysis of structured data but is less suited for unstructured, large-scale social media data compared to big data tools.
Big Data Analysis aligns withIT strategyfor leveraging large datasets to drive business value, as per modern data management frameworks.
Reference:EPI CITM study guide, under IT Strategy, likely discusses data management technologies, emphasizing big data for advanced analytics. Refer to sections on data analytics or emerging technologies.
質問 # 28
The Service Level Agreement (SLA) mentions a section 'estimated system response times'. What is not a key factor for a successful delivery?
- A. The technical specifications of the IT infrastructure
- B. The skills and knowledge of staff working at the IT service provider organization
- C. The price for the IT service
- D. The technical specifications of the system
正解:C
解説:
AnSLA's section onestimated system response timesfocuses on ensuring the system meets performance expectations. Key factors for successful delivery include:
* Technical specifications of the system (A):Defines the system's capabilities (e.g., processing power, architecture) critical for response times.
* Skills and knowledge of staff (C):Ensures the IT team can manage and optimize the system for performance.
* Technical specifications of the IT infrastructure (D):Includes network, servers, and storage, which directly impact response times.
Price for the IT service (B)is not a direct factor in achieving system response times, as it relates to cost negotiation rather than technical performance. While budget may influence resource allocation, it's not a key factor in delivering the SLA's performance metrics.
Reference:EPI CITM study guide, under Service Management, likely covers ITIL's service level management, emphasizing factors affecting SLA performance metrics like response times. Refer to sections on SLA components or service delivery.
質問 # 29
During several project meetings, it is discovered that certain team members are not fully aware of, and/or do not understand, the activities for which they are responsible. Which process is most likely to be blamed for this?
- A. Communication management
- B. Scope management
- C. Risk management
- D. Cost management
正解:A
解説:
Team members' lack of awareness or understanding of their responsibilities points to a failure in communication management(C). According toPMBOK, communication management ensures that project information, including roles, responsibilities, and activities, is effectively communicated to all stakeholders.
Poor communication planning or execution (e.g., unclear task assignments or inadequate briefings) can lead to misunderstandings, as seen in this scenario.
* Risk management (A):Focuses on identifying and mitigating risks, not task communication.
* Cost management (B):Deals with budgeting and cost control, not role clarification.
* Scope management (D):Defines project scope and deliverables, but communication management ensures team members understand their responsibilities within that scope.
Reference:EPI CITM study guide, under Project Management, likely covers PMBOK's communication management processes, emphasizing stakeholder engagement and information distribution. Check sections on project communication or stakeholder management.
質問 # 30
Little to no budget is available for hiring new staff for the IT service desk. What is the ideal method of sourcing knowing that little time is available?
- A. Internet job board
- B. Word of mouth
- C. Internal IT staff based on a SWOT analysis
- D. Recruitment agency
正解:A
解説:
Given the constraints oflittle to no budgetandlimited time,internet job boardsare the ideal sourcing method. They are cost-effective (often free or low-cost), allow quick posting of job openings, and reach a wide pool of candidates, enabling rapid hiring.
Word of mouth (A) is informal and may not yield qualified candidates quickly. Internal IT staff based on SWOT analysis (B) is not a standard recruitment method and takes time to analyze. Recruitment agencies (D) are expensive and slower due to their processes, making them unsuitable for low-budget, urgent hiring.
Reference:EPI CITM study guide, under IT Organization, likely discusses recruitment strategies for IT staff, emphasizing cost-effective methods like job boards. Check sections on human resource management or staffing.
質問 # 31
The project brief/project charter is created. Which of the following is not part of it?
- A. High-level risk
- B. Detailed planning
- C. Summary budget
- D. Quality expectations
正解:B
解説:
Theproject charter(or project brief) is a high-level document created during theinitiation phaseof a project, as defined byPMBOK(Project Management Body of Knowledge). It outlines the project's purpose, objectives, scope, and key elements but does not includedetailed planning(A), which occurs during the planning phase after the charter is approved. The charter typically includes:
* High-level risks (B):Identifies major risks to provide early awareness.
* Summary budget (C):Provides an initial cost estimate for approval.
* Quality expectations (D):Defines high-level quality requirements or standards.
Detailed planning, such as creating a detailed Work Breakdown Structure (WBS) or schedule, is part of the project management plan developed later, not the charter.
Reference:EPI CITM study guide, under Project Management, likely references PMBOK's project initiation processes, detailing the components of a project charter. Refer to sections on project initiation or project charter development.
質問 # 32
The new system (application) is ready for adoption (implementation). The customer is concerned that an instant change-over from the current system to the new system will create a large impact on the user base.
You are requested to propose an approach for adoption. Which of the items listed below is recommended?
- A. Coordinated
- B. Big bang
- C. Phased
- D. Parallel
正解:D
解説:
When implementing a new system, the customer's concern about a large impact on the user base suggests the need for a low-risk, controlled adoption strategy. Inapplication management, theparalleladoption approach (B) involves running both the old and new systems simultaneously for a period, allowing users to transition gradually while ensuring the new system functions correctly. This minimizes disruption, as the old system remains operational as a fallback if issues arise with the new system.
* Big bang (A):This approach involves switching entirely to the new system at once, which is high-risk and likely to cause significant disruption, especially for a concerned user base. It's unsuitable here due to the potential for widespread impact.
* Coordinated (C):This is not a standard term in application deployment strategies. It may imply a managed transition but lacks the specificity of parallel or phased approaches.
* Phased (D):This involves rolling out the new system incrementally (e.g., by department or module), which reduces risk but doesn't provide the same level of safety as parallel, where both systems run concurrently to ensure continuity.
Theparallelapproach is ideal for mitigating risks during a critical system transition, as it allows validation of the new system's performance while maintaining business continuity. According toITILorSDLCframeworks, parallel adoption is often recommended for mission-critical systems to ensure stability and user acceptance.
Reference:EPI CITM study guide, under Application Management, likely discusses system implementation strategies within the Software Development Life Cycle (SDLC) or ITIL's service asset and configuration management. Refer to sections on application deployment, transition planning, or change management for details on parallel adoption.
質問 # 33
Business is changing fast, resulting in the need to formally appoint a new staff member responsible for guiding the process in a controlled manner. Which role does apply?
- A. Service Level Manager
- B. Business Relationship Manager
- C. Change Manager
- D. Risk Manager
正解:C
解説:
In a fast-changing business environment, aChange Manager(D) is responsible for guiding the change process in a controlled manner. According toITIL, the Change Manager oversees the change management process, ensuring that changes to IT services or infrastructure are assessed, approved, and implemented with minimal disruption to business operations. This role is critical when rapid business changes require structured control to maintain stability and alignment with organizational goals.
* Risk Manager (A):Focuses on identifying and mitigating risks, not directly managing change processes.
* Service Level Manager (B):Ensures service levels meet agreed standards, focusing on service delivery rather than change control.
* Business Relationship Manager (C):Manages relationships with business stakeholders to align IT services with needs, not specifically change processes.
The Change Manager's role, as defined in ITIL's change management framework, is essential for controlling the pace and impact of changes in a dynamic environment.
Reference:EPI CITM study guide, under Service Management, likely references ITIL's change management processes, detailing the Change Manager's responsibilities. Check sections on ITIL change management or service transition.
質問 # 34
Controls to manage risk have been implemented and evaluated successfully. Risks are now at the level which the organization is willing to accept. What is the name of this risk?
- A. Modified risk
- B. Reduced risk
- C. Lowered risk
- D. Residual risk
正解:D
解説:
Inrisk management, after controls are implemented to mitigate risks, the remaining risk that the organization is willing to accept is calledresidual risk(C). According to frameworks likeISO/IEC 27001andCOBIT, residual risk represents the level of risk that persists after applying controls, deemed acceptable based on the organization's risk appetite. For example, if a control reduces the likelihood or impact of a threat (e.g., data breach), the remaining exposure is the residual risk, which the organization monitors but does not further mitigate unless necessary.
* Reduced risk (A):Not a standard term; implies a general decrease but lacks specificity.
* Lowered risk (B):Similar to reduced risk, not a recognized term in risk management frameworks.
* Modified risk (D):Implies risk alteration but is not a standard term for post-control risk levels.
Residual risk is a critical concept in risk management, ensuring organizations understand and accept the remaining exposure after mitigation efforts.
Reference:EPI CITM study guide, under Risk Management, likely references ISO/IEC 27001 or COBIT, emphasizing residual risk in risk assessment and treatment processes. Check sections on risk management frameworks or risk evaluation.
質問 # 35
Vendor management meetings take place several times per year. What is the main objective for these meetings?
- A. Discuss improvement programs
- B. Verify if the vendor continues to meet the requirements of the contract, supporting the business processes
- C. Explore improvement programs
- D. Identify possible price increases
正解:B
解説:
The main objective ofvendor management meetingsis toverify if the vendor continues to meet the requirements of the contract, supporting the business processes(C). These meetings, as part ofvendor management frameworks, ensure that the vendor's performance aligns with contractual obligations, service level agreements (SLAs), and business needs. They involve reviewing service delivery, compliance, and any issues affecting business processes.
* Explore improvement programs (A):A secondary goal, as improvements may arise from performance reviews.
* Identify possible price increases (B):Price discussions may occur, but they are not the primary focus.
* Discuss improvement programs (D):Similar to A, this is a potential outcome but not the main objective.
Reference:EPI CITM study guide, under Vendor Selection/Management, likely covers vendor performance monitoring and contract compliance. Check sections on vendor management or SLA monitoring.
質問 # 36
In project management, what is the objective of a 'lessons learned' report?
- A. To establish accountability for the mistakes being made in the project
- B. Bringing forward positive and negative elements with the intent to benefit future projects
- C. To inform the project owner with the overall achievement of the project's objectives
- D. To identify all risks that occurred during the project
正解:B
解説:
Alessons learned reportin project management is designed to document both positive and negative experiences from a project to improve future projects. According to theProject Management Institute (PMI) and frameworks like PMBOK, the purpose is to capture insights, successes, challenges, and recommendations to enhance processes, avoid repeating mistakes, and replicate successes in future initiatives.
Option A focuses only on reporting achievements, which is too narrow. Option B emphasizes accountability for mistakes, which is not the primary goal, as the report aims to improve rather thanblame. Option C is incorrect because identifying risks is part of risk management, not the primary focus of lessons learned.
Option D correctly captures the intent to benefit future projects by analyzing both positive and negative aspects.
Reference:EPI CITM study guide, under Project Management, likely references PMBOK or similar frameworks, specifically the "Close Project or Phase" process, where lessons learned are documented. Check the section on project closure or knowledge management.
質問 # 37
The project brief/project charter is created. Which of the following is not part of it?
- A. High-level risk
- B. Detailed planning
- C. Summary budget
- D. Quality expectations
正解:B
解説:
Theproject charter(or project brief) is a high-level document created during theinitiation phaseof a project, as defined byPMBOK(Project Management Body of Knowledge). It outlines the project's purpose, objectives, scope, and key elements but does not includedetailed planning(A), which occurs during the planning phase after the charter is approved. The charter typically includes:
* High-level risks (B):Identifies major risks to provide early awareness.
* Summary budget (C):Provides an initial cost estimate for approval.
* Quality expectations (D):Defines high-level quality requirements or standards.
Detailed planning, such as creating a detailed Work Breakdown Structure (WBS) or schedule, is part of the project management plan developed later, not the charter.
Reference:EPI CITM study guide, under Project Management, likely references PMBOK's project initiation processes, detailing the components of a project charter. Refer to sections on project initiation or project charter development.
質問 # 38
During the system (application) development project, the customer wants to know how software will be maintained to assure that future functional requirements are incorporated. What type of system maintenance is the customer looking for?
- A. Corrective maintenance
- B. Preventive maintenance
- C. Adaptive maintenance
- D. Perfective maintenance
正解:D
解説:
The customer's focus on incorporatingfuture functional requirementsindicates a need forperfective maintenance(B). Inapplication management, perfective maintenance involves enhancing software to add new features or improve functionality to meet evolving business needs, such as adding new modules or capabilities.
* Preventive maintenance (A):Focuses on preventing issues by optimizing performance or addressing potential problems, not adding new features.
* Corrective maintenance (C):Involves fixing bugs or errors, not incorporating new functionality.
* Adaptive maintenance (D):Adapts software to environmental changes (e.g., new operating systems), not specifically for new functional requirements.
Perfective maintenance aligns with theSDLC's maintenance phase, ensuring the software evolves to support future business requirements.
Reference:EPI CITM study guide, under Application Management, likely covers software maintenance types in the SDLC, emphasizing perfective maintenance for enhancements. Refer to sections on application lifecycle or maintenance strategies.
質問 # 39
What is the correct sequence of activities for a risk assessment?
- A. Communication - establish context - analyse - treatment - monitor and review
- B. Identify - analyse - evaluate - treatment - monitor and review
- C. Establish context - identify - analyse - evaluate - treatment
- D. Monitor and review - establish context - identify - evaluate - treatment
正解:C
解説:
The correct sequence for arisk assessment, as perISO 31000andISO/IEC 27001, is:Establish context - identify - analyse - evaluate - treatment(C).
* Establish context:Define the scope, objectives, and criteria for the risk assessment (e.g., organizational goals, assets, and risk appetite).
* Identify:Identify potential risks (e.g., threats and vulnerabilities) that could impact objectives.
* Analyse:Assess the likelihood and impact of identified risks to determine their severity.
* Evaluate:Compare risks against risk criteria to prioritize them for treatment.
* Treatment:Implement controls or strategies to mitigate, avoid, transfer, or accept risks.
* Option A:Incorrect, as "monitor and review" is a post-treatment step, not the starting point.
* Option B:Incorrect, as "communication" is not a distinct step in risk assessment; it's embedded throughout.
* Option D:Incorrect, as it skips "establish context," which is essential for defining the assessment's scope.
This sequence ensures a structured, systematic approach to risk assessment, aligning with organizational objectives.
Reference:EPI CITM study guide, under Risk Management, likely references ISO 31000 or ISO/IEC 27001 for risk assessment processes. Check sections on risk assessment methodologies or risk management lifecycle.
質問 # 40
Whilst creating the IT service catalog, a needs analysis is conducted. One of the items discussed is the data points required for the IT services. What is the objective of these data points?
- A. To measure the performance of IT services delivered
- B. To identify the data being used by the customer
- C. To determine the life expectancy of IT services
- D. To establish the operating hours of the IT services
正解:A
解説:
InITIL's service catalog management, data points required for IT services are used tomeasure the performance of IT services delivered(A). These data points (e.g., uptime, response times, incident resolution rates) enable the IT provider to monitor and report on service quality, ensuring alignment with service level agreements (SLAs) and customer expectations. A needs analysis identifies key performance indicators (KPIs) to track service effectiveness.
* Identify data used by the customer (B):Focuses on customer data usage, not service performance.
* Determine life expectancy (C):Relates to service lifecycle planning, not data points.
* Establish operating hours (D):Operating hours are a service attribute, not the primary purpose of data points.
Reference:EPI CITM study guide, under Service Management, likely references ITIL's service catalog management, emphasizing KPIs for performance measurement. Check sections on service catalog or performance metrics.
質問 # 41
One particular incident repeatedly occurs every first day of the working week. As part of problem management, it is decided to gather a group of technical specialists to conduct problem analysis. Which technique is recommended?
- A. Technical observation post
- B. 5-Whys
- C. Kepner-Tregoe
- D. Fault isolation
正解:B
解説:
For a recurring incident,problem managementinITILaims to identify the root cause to prevent future occurrences. The5-Whystechnique (C) is recommended as it involves repeatedly asking "why" to drill down to the root cause of the issue. This simple, effective method is suitable for a group of technical specialists analyzing a recurring problem, such as an incident occurring every Monday, which may stem from a specific process, configuration, or system issue.
* Kepner-Tregoe (A):A structured decision-making and problem-solving method, more complex and less focused on root cause analysis alone.
* Technical observation post (B):Not a standard problem management technique; likely a distractor.
* Fault isolation (D):Focuses on isolating faulty components, more applicable to hardware issues than recurring process-related incidents.
The 5-Whys technique is widely used in ITIL problem management for its simplicity and effectiveness in collaborative root cause analysis.
Reference:EPI CITM study guide, under Service Management, likely references ITIL's problem management techniques, including 5-Whys. Check sections on problem analysis or root cause analysis.
質問 # 42
......
CITM別格な問題集で最上級の成績にさせるCITM問題:https://jp.fast2test.com/CITM-premium-file.html
手に入れよう!最新CITM認定の有効な試験問題集解答:https://drive.google.com/open?id=1Cm6qBAzYxawv9I3zWvG4vp9p1atGJ-MO