Cybersecurity-Audit-Certificate Question Set with Full Money-Back Guarantee, Up to 50% Off [Q16-Q35]


Updated January 2024: real practice test questions to help you pass the Cybersecurity-Audit-Certificate exam

Question # 16
What is the MAIN consideration when storing backup files?

  • A. Storing backup files on public cloud storage
  • B. Utilizing solid state device (SSD) media for quick recovery
  • C. Protecting the off-site data backup copies from unauthorized access
  • D. Storing copies on-site for ease of access during incident response

Correct answer: C

Explanation:
The MAIN consideration when storing backup files is protecting the off-site data backup copies from unauthorized access. This is because protecting the off-site data backup copies from unauthorized access helps to ensure the confidentiality and integrity of the backup data, and prevent any unauthorized or malicious disclosure, modification, or deletion of the backup data. Protecting the off-site data backup copies from unauthorized access also helps to comply with any regulatory or contractual requirements that may apply to the backup data. The other options are not the main consideration when storing backup files, but rather different aspects or factors that affect the backup process, such as using solid state device (SSD) media (A), storing backup files on public cloud storage (B), or storing copies on-site (D).


Question # 17
Which of the following is a passive activity that could be used by an attacker during reconnaissance to gather information about an organization?

  • A. Social engineering
  • B. Scanning the network perimeter
  • C. Using open source discovery
  • D. Crafting counterfeit websites

Correct answer: C

Explanation:
A passive activity that could be used by an attacker during reconnaissance to gather information about an organization is using open source discovery. This is because open source discovery is a technique that involves collecting and analyzing publicly available information about an organization, such as its website, social media, press releases, annual reports, etc. Open source discovery does not require any direct interaction or communication with the target organization or its systems or network, and therefore does not generate any traffic or alerts that could be detected by the organization's security controls. The other options are not passive activities that could be used by an attacker during reconnaissance to gather information about an organization, but rather active activities that involve direct or indirect interaction or communication with the target organization or its systems or network, such as scanning the network perimeter (B), social engineering (C), or crafting counterfeit websites (D).


Question # 18
Which of the following is a feature of an intrusion detection system (IDS)?

  • A. Intrusion prevention
  • B. Back doors into applications
  • C. Automated response
  • D. Interface with firewalls

Correct answer: C

Explanation:
A feature of an intrusion detection system (IDS) is automated response. This is because an IDS is a system that monitors network or system activities for malicious or anomalous behavior, and alerts or reports on any detected incidents. An IDS can also perform automated response actions, such as blocking traffic, terminating sessions, or sending notifications, to contain or mitigate the incidents. The other options are not features of an IDS, but rather different concepts or techniques that are related to intrusion detection or prevention, such as intrusion prevention (A), interface with firewalls (C), or back doors into applications (D).


Question # 19
Which of the following is the GREATEST risk pertaining to sensitive data leakage when users set mobile devices to "always on" mode?

  • A. Authorization tokens could be exploited.
  • B. An adversary can predict a user's login credentials.
  • C. Mobile connectivity could be severely weakened.
  • D. A user's behavior pattern can be predicted.

Correct answer: A

Explanation:
The GREATEST risk pertaining to sensitive data leakage when users set mobile devices to "always on" mode is that authorization tokens could be exploited. Authorization tokens are pieces of data that are used to authenticate users and grant them access to certain resources or services. Authorization tokens are often stored on mobile devices to enable seamless and convenient access without requiring users to enter their credentials repeatedly. However, if users set their mobile devices to "always on" mode, they increase the risk of losing their devices or having them stolen by attackers. Attackers can then access the authorization tokens stored on the devices and use them to impersonate the users or access their sensitive data.


Question # 20
Which of the following is a MAIN benefit of using Security as a Service (SECaaS) providers?

  • A. SECaaS providers are compliant with specific security requirements and new regulations.
  • B. Available security services from providers are affordable to enterprises of all sizes.
  • C. Significant investments and specialized security skills are not required.
  • D. Enterprises can use the latest technologies to counter threats that are constantly evolving.

Correct answer: C

Explanation:
A MAIN benefit of using Security as a Service (SECaaS) providers is that significant investments and specialized security skills are not required. SECaaS is a type of cloud service model that provides security solutions and services to customers over the internet. SECaaS providers can offer various security functions such as antivirus, firewall, encryption, identity management, vulnerability scanning, and incident response. By using SECaaS providers, customers can save costs and resources on acquiring, maintaining, and updating security hardware and software. Customers can also leverage the expertise and experience of the SECaaS providers to address their security needs and challenges.


Question # 21
Which of the following is the MOST cost-effective technique for implementing network security for human resources (HR) desktops and internal laptop users in an organization?

  • A. Software defined perimeter
  • B. Fortified demilitarized zone
  • C. Layer 3 virtual private network
  • D. Virtual local area network

Correct answer: D

Explanation:
The MOST cost-effective technique for implementing network security for human resources (HR) desktops and internal laptop users in an organization is using a virtual local area network (VLAN). A VLAN is a logical grouping of network devices that share the same broadcast domain regardless of their physical location or connection. A VLAN can enhance network security by isolating different types of traffic or users from each other and applying different security policies or rules based on the VLAN membership. For example, an organization can create a VLAN for HR desktops and internal laptop users that restricts their access to only HR-related systems or resources. A VLAN can also reduce network costs by saving bandwidth, improving performance, and simplifying management.


Question # 22
Which of the following is the SLOWEST method of restoring data from backup media?

  • A. Incremental backup
  • B. Monthly backup
  • C. Differential Backup
  • D. Full backup

Correct answer: A

Explanation:
The SLOWEST method of restoring data from backup media is an incremental backup. This is because an incremental backup is a type of backup that only copies the files that have been created or modified since the previous backup, whether it was a full or an incremental backup. An incremental backup makes the restoration process slower, as it requires restoring multiple backups in a specific order and sequence, starting from the last full backup and then applying each incremental backup until the desired point in time is reached. The other options are not methods of restoring data from backup media that are slower than an incremental backup, but rather different types of backup procedures that copy files based on different criteria, such as monthly backup (A), full backup (B), or differential backup (C).


Question # 23
A data loss prevention (DLP) program helps protect an organization from:

  • A. crypto ransomware infection.
  • B. unauthorized access to servers and applications.
  • C. exfiltration of sensitive data.
  • D. unauthorized data modification.

Correct answer: C

Explanation:
A data loss prevention (DLP) program helps protect an organization from exfiltration of sensitive data. This is because exfiltration of sensitive data is a type of cyberattack that involves stealing or leaking sensitive or confidential information from an organization's systems or networks to an external destination or party.
Exfiltration of sensitive data can cause serious harm to an organization's reputation, operations, finances, legal compliance, etc. A DLP program helps to prevent exfiltration of sensitive data by detecting and blocking any unauthorized or suspicious attempts to access, copy, transfer, or share sensitive data by users or applications.
The other options are not cyberattacks that a DLP program helps protect an organization from, but rather different types of cyberattacks that affect other aspects or objectives of information security, such as crypto ransomware infection (A), unauthorized access to servers and applications (B), or unauthorized data modification (C).


Question # 24
The risk of an evil twin attack on mobile devices is PRIMARILY due to:

  • A. generic names that mobile devices will accept without verification.
  • B. weak authentication protocols in wireless networks.
  • C. tokens stored as plain text in many mobile device applications.
  • D. use of data transmission that is not always encrypted.

Correct answer: A

Explanation:
The risk of an evil twin attack on mobile devices is PRIMARILY due to the use of generic names that mobile devices will accept without verification. An evil twin attack is a type of wireless network attack where an attacker sets up a rogue access point that mimics a legitimate one. The attacker can then lure unsuspecting users to connect to the rogue access point and intercept their data or launch further attacks. Mobile devices are vulnerable to evil twin attacks because they often use generic names for their wireless networks, such as "Free WiFi" or "Public Hotspot". These names can be easily spoofed by an attacker and accepted by mobile devices without verifying the identity or security of the access point.


Question # 25
Which of the following cloud characteristics refers to resource utilization that can be optimized by leveraging charge-per-use capabilities?

  • A. Measured service
  • B. Elasticity
  • C. Resource pooling
  • D. On demand self-service

Correct answer: A

Explanation:
The cloud characteristic that refers to resource utilization that can be optimized by leveraging charge-per-use capabilities is measured service. This is because measured service is a characteristic of cloud computing that involves monitoring, controlling, and reporting on the usage and consumption of cloud resources by cloud providers and consumers. Measured service helps to optimize resource utilization by leveraging charge-per-use capabilities, which means that cloud consumers only pay for the amount of resources that they actually use or consume, rather than paying for fixed or predetermined amounts of resources. The other options are not cloud characteristics that refer to resource utilization that can be optimized by leveraging charge-per-use capabilities, but rather different characteristics of cloud computing that describe other aspects or benefits of cloud services, such as on demand self-service (A), elasticity (B), or resource pooling (D).


Question # 26
Which of the following would provide the BEST basis for allocating proportional protection activities when comprehensive classification is not feasible?

  • A. Business dependency assessment
  • B. Comprehensive cyber insurance procurement
  • C. Single classification level allocation
  • D. Business process re-engineering

Correct answer: A

Explanation:
The BEST basis for allocating proportional protection activities when comprehensive classification is not feasible is a business dependency assessment. This is because a business dependency assessment helps to identify the criticality and sensitivity of business processes and their supporting assets, based on their contribution to the organization's objectives and value proposition. This allows for prioritizing protection activities according to the level of risk and impact. The other options are not as effective as a business dependency assessment, because they either use a single classification level allocation (A), which does not account for different levels of risk and impact; require a significant amount of time and resources to perform a business process re-engineering (B); or rely on external parties to cover potential losses without reducing the likelihood or impact of incidents (D).


Question # 27
Which of the following is a client-server program that opens a secure, encrypted command-line shell session from the Internet for remote logon?

  • A. SSH
  • B. VPN
  • C. SFTP
  • D. IPsec

Correct answer: A

Explanation:
The correct answer is C. SSH.
SSH stands for Secure Shell, a client-server program that opens a secure, encrypted command-line shell session from the Internet for remote logon. SSH allows users to remotely access and execute commands on a server without exposing their credentials or data to eavesdropping, tampering or replay attacks. SSH also supports secure file transfer protocols such as SFTP and SCP [1].
VPN stands for Virtual Private Network, a technology that creates a secure, encrypted tunnel between two or more devices over a public network such as the Internet. VPN allows users to access resources on a remote network as if they were physically connected to it, while protecting their privacy and identity [2].
IPsec stands for Internet Protocol Security, a set of protocols that provides security at the network layer of the Internet. IPsec supports two modes: transport mode and tunnel mode. Transport mode encrypts only the payload of each packet, while tunnel mode encrypts the entire packet, including the header. IPsec can be used to secure VPN connections, as well as other applications that require data confidentiality, integrity and authentication [3].
SFTP stands for Secure File Transfer Protocol, a protocol that uses SSH to securely transfer files between a client and a server over a network. SFTP provides encryption, authentication and compression features to ensure the security and reliability of file transfers.

[1] SSH (Secure Shell)
[2] What is a VPN? How It Works, Types of VPN | Kaspersky
[3] IPsec - Wikipedia
SFTP - Wikipedia


Question # 28
Which of the following backup procedures would only copy files that have changed since the last backup was made?

  • A. Incremental backup
  • B. Daily backup
  • C. Differential backup
  • D. Full backup

Correct answer: A

Explanation:
The backup procedure that would only copy files that have changed since the last backup was made is an incremental backup. This is because an incremental backup is a type of backup that only copies the files that have been created or modified since the previous backup, whether it was a full or an incremental backup. An incremental backup helps to reduce the backup time and storage space, as well as the recovery time, as only the changed files need to be restored. The other options are not backup procedures that would only copy files that have changed since the last backup was made, but rather different types of backup procedures that copy files based on different criteria, such as daily backup (B), differential backup (C), or full backup (D).


Question # 29
Which of the following is MOST critical to guiding and managing security activities throughout an organization to ensure objectives are met?

  • A. Adopting industry security standards and frameworks
  • B. Conducting annual security awareness training for all employees
  • C. Allocating a significant amount of budget to security investments
  • D. Establishing metrics to measure and monitor security performance

Correct answer: D

Explanation:
The MOST critical factor in guiding and managing security activities throughout an organization to ensure objectives are met is establishing metrics to measure and monitor security performance. This is because metrics provide quantifiable and objective data that can be used to evaluate the effectiveness and efficiency of security activities, as well as identify gaps and areas for improvement. Metrics also enable communication and reporting of security performance to stakeholders, such as senior management, board members, auditors, regulators, customers, etc. The other options are not as critical as establishing metrics, because they either involve spending money without knowing the return on investment (A), adopting standards without customizing them to fit the organization's context and needs (B), or conducting training without assessing its impact on behavior change (D).


Question # 30
Which of the following is the BEST indication of mature third-party vendor risk management for an organization?

  • A. The organization maintains vendor security assessment checklists.
  • B. The third party maintains annual assessments of control effectiveness.
  • C. The organization's security program follows the third party's security program.
  • D. The third party's security program follows the organization's security program.

Correct answer: A

Explanation:
The BEST indication of mature third-party vendor risk management for an organization is that the organization maintains vendor security assessment checklists. This is because vendor security assessment checklists help the organization to evaluate and monitor the security posture and performance of their third-party vendors, based on predefined criteria and standards. Vendor security assessment checklists also help the organization to identify and mitigate any gaps or issues in the vendor's security controls or processes.
The other options are not as indicative of mature third-party vendor risk management for an organization, because they either involve following or mimicking the security program of either party without considering their own needs or risks (A, D), or relying on the vendor's self-assessment without independent verification or validation (C).


Question # 31
Which of the following is MOST important to ensure the successful implementation of continuous auditing?

  • A. Budget for additional technical resources
  • B. Top management support
  • C. Budget for additional storage hardware
  • D. Surplus processing capacity

Correct answer: B

Explanation:
The MOST important factor to ensure the successful implementation of continuous auditing is top management support. This is because top management support helps to provide the vision, direction, and resources for implementing continuous auditing within the organization. Top management support also helps to overcome any resistance or challenges that may arise from implementing continuous auditing, such as cultural change, stakeholder buy-in, process reengineering, etc. Top management support also helps to ensure that the results and findings of continuous auditing are communicated and acted upon by the relevant decision-makers and stakeholders. The other options are not factors that are more important than top management support for ensuring the successful implementation of continuous auditing, but rather different aspects or benefits of continuous auditing, such as storage hardware (A), technical resources (B), or processing capacity (D).


Question # 32
Which of the following devices is at GREATEST risk from activity monitoring and data retrieval?

  • A. Mobile devices
  • B. Cloud storage devices
  • C. Printing devices
  • D. Desktop workstation

Correct answer: A

Explanation:
The device that is at GREATEST risk from activity monitoring and data retrieval is mobile devices. This is because mobile devices are devices that are portable, wireless, and connected to the Internet or other networks, such as smartphones, tablets, laptops, etc. Mobile devices are at greatest risk from activity monitoring and data retrieval, because they can be easily lost, stolen, or compromised by attackers who can access or extract the data stored or transmitted on the devices. Mobile devices can also be subject to activity monitoring and data retrieval by third-party applications or services that may collect or share the user's personal or sensitive information without their consent or knowledge. The other options are not devices that are at greatest risk from activity monitoring and data retrieval, but rather different types of devices that may have different levels of risk or protection from activity monitoring and data retrieval, such as cloud storage devices (B), desktop workstations (C), or printing devices (D).


Question # 33
An information security procedure indicates a requirement to sandbox emails. What does this requirement mean?

  • A. Ensure the emails are encrypted and provide nonrepudiation.
  • B. Guarantee rapid email delivery through firewalls.
  • C. Provide a backup of emails in the event of a disaster.
  • D. Isolate the emails and test for malicious content.

Correct answer: D

Explanation:
An information security procedure that indicates a requirement to sandbox emails means that the emails need to be isolated and tested for malicious content. This is because sandboxing is a technique that creates a virtual or isolated environment, where suspicious or untrusted emails can be executed or analyzed without affecting the rest of the system or network. Sandboxing helps to detect and prevent malware, phishing, or spam attacks that may be embedded in emails, and protect the users and the organization from potential harm. The other options are not what sandboxing emails means, but rather different concepts or techniques that are related to information security, such as encryption and nonrepudiation (A), backup and recovery (B), or firewall and delivery (D).


Question # 34
Availability can be protected through the use of:

  • A. logging, digital signatures, and write protection.
  • B. access controls, file permissions, and encryption.
  • C. user awareness training and related end-user training.
  • D. redundancy, backups, and business continuity management.

Correct answer: D

Explanation:
Availability can be protected through the use of redundancy, backups, and business continuity management.
This is because these measures help to ensure that systems, data, and services are accessible and functional at all times, even in the event of a disruption or disaster. The other options are not directly related to protecting availability, but rather focus on enhancing confidentiality (A), integrity (C), or awareness (D).


Question # 35
......

Free download of real ISACA Cybersecurity-Audit-Certificate exam questions: https://www.jpntest.com/shiken/Cybersecurity-Audit-Certificate-mondaishu
