708 お客様のコメント
クリック」
質問 1:
What action is an unintentional human threat?
A. Theft of a laptop
B. Arson
C. Incorrect use of fire extinguishing equipment
D. Social engineering
正解:C
質問 2:
Why do organizations have an information security policy?
A. In order to give direction to how information security is set up within an organization.
B. In order to ensure that staff do not break any laws.
C. In order to demonstrate the operation of the Plan-Do-Check-Act cycle within an organization.
D. In order to ensure that everyone knows who is responsible for carrying out the backup procedures.
正解:A
質問 3:
The consultants at Smith Consultants Inc. work on laptops that are protected by asymmetrical cryptography. To keep the management of the keys cheap, all consultants use the same key pair. What is the companys risk if they operate in this manner?
A. If the public key becomes known all laptops must be supplied with new keys.
B. If the Public Key Infrastructure (PKI) becomes known all laptops must be supplied with new keys.
C. If the private key becomes known all laptops must be supplied with new keys.
正解:C
質問 4:
Some security measures are optional. Other security measures must always be implemented. Which measure(s) must always be implemented?
A. Physical security measures
B. Clear Desk Policy
C. Logical access security measures
D. Measures required by laws and regulations
正解:D
質問 5:
An airline company employee notices that she has access to one of the company's applications that she has not used before. Is this an information security incident?
A. No
B. Yes
正解:A
質問 6:
What is a risk analysis used for?
A. A risk analysis is used in conjunction with security measures to reduce risks to an acceptable level.
B. A risk analysis is used to express the value of information for an organization in monetary terms.
C. A risk analysis is used to ensure that security measures are deployed in a cost-effective and timely fashion.
D. A risk analysis is used to clarify to management their responsibilities.
正解:C
質問 7:
You are the owner of the courier company SpeeDelivery. You employ a few people who, while waiting to make a delivery, can carry out other tasks. You notice, however, that they use this time to send and read their private mail and surf the Internet. In legal terms, in which way can the use of the Internet and e-mail facilities be best regulated?
A. Installing an application that makes certain websites no longer accessible and that filters attachments in e-mails
B. Implementing privacy regulations
C. Drafting a code of conduct for the use of the Internet and e-mail in which the rights and obligations of both the employer and staff are set down
D. Installing a virus scanner
正解:C
質問 8:
You have an office that designs corporate logos. You have been working on a draft for a large client. Just as you are going to press the <save> button, the screen goes blank. The hard disk is damaged and cannot be repaired. You find an early version of the design in your mail folder and you reproduce the draft for the customer. What is such a measure called?
A. Reductive measure
B. Preventive measure
C. Corrective measure
正解:C
What action is an unintentional human threat?
A. Theft of a laptop
B. Arson
C. Incorrect use of fire extinguishing equipment
D. Social engineering
正解:C
質問 2:
Why do organizations have an information security policy?
A. In order to give direction to how information security is set up within an organization.
B. In order to ensure that staff do not break any laws.
C. In order to demonstrate the operation of the Plan-Do-Check-Act cycle within an organization.
D. In order to ensure that everyone knows who is responsible for carrying out the backup procedures.
正解:A
質問 3:
The consultants at Smith Consultants Inc. work on laptops that are protected by asymmetrical cryptography. To keep the management of the keys cheap, all consultants use the same key pair. What is the companys risk if they operate in this manner?
A. If the public key becomes known all laptops must be supplied with new keys.
B. If the Public Key Infrastructure (PKI) becomes known all laptops must be supplied with new keys.
C. If the private key becomes known all laptops must be supplied with new keys.
正解:C
質問 4:
Some security measures are optional. Other security measures must always be implemented. Which measure(s) must always be implemented?
A. Physical security measures
B. Clear Desk Policy
C. Logical access security measures
D. Measures required by laws and regulations
正解:D
質問 5:
An airline company employee notices that she has access to one of the company's applications that she has not used before. Is this an information security incident?
A. No
B. Yes
正解:A
質問 6:
What is a risk analysis used for?
A. A risk analysis is used in conjunction with security measures to reduce risks to an acceptable level.
B. A risk analysis is used to express the value of information for an organization in monetary terms.
C. A risk analysis is used to ensure that security measures are deployed in a cost-effective and timely fashion.
D. A risk analysis is used to clarify to management their responsibilities.
正解:C
質問 7:
You are the owner of the courier company SpeeDelivery. You employ a few people who, while waiting to make a delivery, can carry out other tasks. You notice, however, that they use this time to send and read their private mail and surf the Internet. In legal terms, in which way can the use of the Internet and e-mail facilities be best regulated?
A. Installing an application that makes certain websites no longer accessible and that filters attachments in e-mails
B. Implementing privacy regulations
C. Drafting a code of conduct for the use of the Internet and e-mail in which the rights and obligations of both the employer and staff are set down
D. Installing a virus scanner
正解:C
質問 8:
You have an office that designs corporate logos. You have been working on a draft for a large client. Just as you are going to press the <save> button, the screen goes blank. The hard disk is damaged and cannot be repaired. You find an early version of the design in your mail folder and you reproduce the draft for the customer. What is such a measure called?
A. Reductive measure
B. Preventive measure
C. Corrective measure
正解:C
松本** -
とりあえずこれさえ取得すれば大丈夫です。一般的に通用します。
私も高得点でISFS試験に合格した。Pass4Testさん、ネットで好評させていただきます。