The general ledger setup function in an enterprise resource package allows for setting accounting periods.
Access to this function has been permitted to users in finance, the shipping department, and production scheduling. What is the most likely reason for such broad access?
A. The need to create and modify the chart of accounts and its allocations.
B. The need to change accounting periods on a regular basis.
C. The lack of policies and procedures for the proper segregation of duties.
D. The requirement to post entries for a closed accounting period.
Correct answer: C
Question 2:
What is the definition of Risk in Information Security?
A. Risk = Impact x Threat
B. Risk = Financial Impact x Probability
C. Risk = Threat x Probability
D. Risk = Probability x Impact
Correct answer: D
Question 3:
Many successful cyber-attacks currently include:
A. All of these
B. Misconfigurations
C. Phishing Attacks
D. Social engineering
Correct answer: A
Question 4:
A missing/ineffective security control is identified. Which of the following should be the NEXT step?
A. Perform an audit to measure the control formally
B. Escalate the issue to the IT organization
C. Establish Key Risk Indicators
D. Perform a risk assessment to measure risk
Correct answer: D
Question 5:
A CISO sees abnormally high volumes of exceptions to security requirements and constant pressure from business units to change security processes. Which of the following represents the MOST LIKELY cause of this situation?
A. Poor alignment of the security program to business needs
B. A lack of executive presence within the security program
C. This is normal since business units typically resist security requirements
D. Poor audit support for the security program
Correct answer: A
Question 6:
Making sure that the actions of all employees, applications, and systems follow the organization's rules and regulations can BEST be described as which of the following?
A. Risk management
B. Security management
C. Compliance management
D. Asset management
Correct answer: C
Question 7:
The amount of risk an organization is willing to accept in pursuit of its mission is known as:
A. Risk acceptance
B. Risk transfer
C. Risk tolerance
D. Risk mitigation
Correct answer: C
Question 8:
What is the main purpose of the Incident Response Team?
A. Ensure efficient recovery and reinstate repaired systems
B. Provide current employee awareness programs
C. Create effective policies detailing program activities
D. Communicate details of information security incidents
Correct answer: A
Kirisya -
There is plenty of material and the content is thorough.
The explanations are careful and clear, which makes it easy to understand.