[Latest 2024] Use the latest free Cybersecurity-Audit-Certificate exam questions and answers with a high pass rate [Q16-Q37]


Cybersecurity-Audit-Certificate practice question PDF: ISACA Cybersecurity-Audit-Certificate exam question set

Question 16
Which of the following describes specific, mandatory controls or rules to support and comply with a policy?

  • A. Frameworks
  • B. Guidelines
  • C. Standards
  • D. Baseline

Correct answer: C

Explanation:
Specific, mandatory controls or rules to support and comply with a policy are known as standards. Standards define the minimum level of performance or behavior expected from an organization or its employees in order to achieve a policy objective or requirement, and they provide clear, measurable criteria for auditing and monitoring compliance with policies. The other options are not specific, mandatory controls or rules that support a policy; they are different types of documents or tools that provide guidance or recommendations for implementing policies or controls, such as frameworks (A), guidelines (B), or baselines (D).


Question 17
A data loss prevention (DLP) program helps protect an organization from:

  • A. crypto ransomware infection.
  • B. unauthorized access to servers and applications.
  • C. unauthorized data modification.
  • D. exfiltration of sensitive data.

Correct answer: D

Explanation:
A data loss prevention (DLP) program helps protect an organization from exfiltration of sensitive data. Exfiltration of sensitive data is a type of cyberattack in which sensitive or confidential information is stolen or leaked from an organization's systems or networks to an external destination or party.
Exfiltration of sensitive data can cause serious harm to an organization's reputation, operations, finances, and legal compliance. A DLP program helps prevent it by detecting and blocking unauthorized or suspicious attempts by users or applications to access, copy, transfer, or share sensitive data.
The other options are not threats that a DLP program is designed to protect against; they are different types of cyberattacks that affect other aspects or objectives of information security, such as crypto ransomware infection (A), unauthorized access to servers and applications (B), or unauthorized data modification (C).


Question 18
Cyber threat intelligence aims to research and analyze trends and technical developments in which of the following areas?

  • A. Cybercrime, hacktivism, and espionage
  • B. Cybersecurity risk scenarios
  • C. Industry-specific security regulations
  • D. Cybersecurity operations management

Correct answer: A

Explanation:
Cyber threat intelligence aims to research and analyze trends and technical developments in the areas of cybercrime, hacktivism, and espionage. These are the main sources of malicious cyber activity that pose risks to organizations and individuals. Cyber threat intelligence helps to understand the motivations, capabilities, tactics, techniques, and procedures of various threat actors and groups.


Question 19
Which of the following would provide the BEST basis for allocating proportional protection activities when comprehensive classification is not feasible?

  • A. Business process re-engineering
  • B. Business dependency assessment
  • C. Single classification level allocation
  • D. Comprehensive cyber insurance procurement

Correct answer: B

Explanation:
The BEST basis for allocating proportional protection activities when comprehensive classification is not feasible is a business dependency assessment. A business dependency assessment identifies the criticality and sensitivity of business processes and their supporting assets, based on their contribution to the organization's objectives and value proposition. This allows protection activities to be prioritized according to the level of risk and impact. The other options are less effective than a business dependency assessment: business process re-engineering (A) requires a significant amount of time and resources; a single classification level allocation (C) does not account for different levels of risk and impact; and cyber insurance (D) relies on external parties to cover potential losses without reducing the likelihood or impact of incidents.


Question 20
Which intrusion detection system component is responsible for collecting data in the form of network packets, log files, or system call traces?

  • A. Sensors
  • B. Administration modules
  • C. Packet filters
  • D. Analyzers

Correct answer: A

Explanation:
The intrusion detection system component responsible for collecting data in the form of network packets, log files, or system call traces is the sensor. Sensors are deployed at various locations or points in the network or system, such as routers, switches, and servers, where they capture and collect data from network traffic or system activity. Sensors then forward the collected data to another component of the intrusion detection system, such as an analyzer, for further processing and analysis. The other options are not the components responsible for collecting this data; they are different components or techniques related to intrusion detection or prevention, such as administration modules (B), packet filters (C), or analyzers (D).


Question 21
An IS auditor has learned that a cloud service provider has not adequately secured its application programming interface (API). Which of the following is MOST important for the auditor to consider in an assessment of the potential risk factors?

  • A. Denial of service
  • B. Identity spoofing and phishing
  • C. Resource contention
  • D. Confidentiality, integrity, and availability

Correct answer: D

Explanation:
The MOST important consideration for an IS auditor assessing the potential risk factors when a cloud service provider has not adequately secured its application programming interface (API) is the impact on the confidentiality, integrity, and availability of the cloud service. An API is a set of rules and protocols that allows communication and interaction between different software components or systems. Cloud service providers often use APIs to enable customers to access and manage their cloud resources and services.
If an API is not adequately secured, however, it can expose the cloud service provider and its customers to various threats, such as unauthorized access, data breaches, tampering, denial-of-service attacks, or malicious code injection.


Question 22
The risk of an evil twin attack on mobile devices is PRIMARILY due to:

  • A. tokens stored as plain text in many mobile device applications.
  • B. weak authentication protocols in wireless networks.
  • C. use of data transmission that is not always encrypted.
  • D. generic names that mobile devices will accept without verification.

Correct answer: D

Explanation:
The risk of an evil twin attack on mobile devices is PRIMARILY due to the use of generic names that mobile devices will accept without verification. An evil twin attack is a type of wireless network attack in which an attacker sets up a rogue access point that mimics a legitimate one. The attacker can then lure unsuspecting users into connecting to the rogue access point and intercept their data or launch further attacks. Mobile devices are vulnerable to evil twin attacks because they often connect to wireless networks with generic names, such as "Free WiFi" or "Public Hotspot". These names can be easily spoofed by an attacker and accepted by mobile devices without verifying the identity or security of the access point.


Question 23
Which of the following is the MOST cost-effective technique for implementing network security for human resources (HR) desktops and internal laptop users in an organization?

  • A. Virtual local area network
  • B. Fortified demilitarized zone
  • C. Layer 3 virtual private network
  • D. Software defined perimeter

Correct answer: A

Explanation:
The MOST cost-effective technique for implementing network security for human resources (HR) desktops and internal laptop users in an organization is a virtual local area network (VLAN). A VLAN is a logical grouping of network devices that share the same broadcast domain regardless of their physical location or connection. A VLAN can enhance network security by isolating different types of traffic or users from each other and applying different security policies or rules based on VLAN membership. For example, an organization can create a VLAN for HR desktops and internal laptop users that restricts their access to HR-related systems or resources only. A VLAN can also reduce network costs by saving bandwidth, improving performance, and simplifying management.


Question 24
One way to control the integrity of digital assets is through the use of:

  • A. caching.
  • B. hashing.
  • C. policies.
  • D. frameworks.

Correct answer: B

Explanation:
One way to control the integrity of digital assets is through the use of hashing. Hashing applies a mathematical function to a digital asset, such as a file or a message, and produces a unique, fixed-length value known as a hash or digest. Hashing helps verify the integrity of digital assets by comparing the hash values before and after transmission or storage, which detects any changes or modifications to the original asset. The other options are not ways to control the integrity of digital assets; they are different concepts or techniques related to information security, such as caching (A), policies (C), or frameworks (D).


Question 25
Which of the following features of continuous auditing provides the BEST level of assurance over traditional sampling?

  • A. Reports can be generated more frequently for management.
  • B. Automated tools provide more reliability than an auditor's personal judgment.
  • C. Continuous auditing tools are less complex for auditors to manage.
  • D. Voluminous data can be analyzed at a high speed to show relevant patterns.

Correct answer: D

Explanation:
The feature of continuous auditing that provides the BEST level of assurance over traditional sampling is that voluminous data can be analyzed at high speed to show relevant patterns. Continuous auditing uses automated tools and processes to perform audit activities on a continuous or near-real-time basis and to analyze large amounts of data from various sources and systems. It provides a higher level of assurance than traditional sampling by covering the entire population of transactions or events, rather than a subset or sample, and by identifying trends, anomalies, or exceptions that may indicate risks or issues. The other options are not the features that provide the best level of assurance over traditional sampling; they are different aspects or benefits of continuous auditing, such as reporting frequency (A), reliability (B), or complexity (C).


Question 26
Within the NIST core cybersecurity framework, which function is associated with using organizational understanding to minimize risk to systems, assets, and data?

  • A. Respond
  • B. Identify
  • C. Recover
  • D. Detect

Correct answer: B

Explanation:
Within the NIST core cybersecurity framework, the Identify function is associated with using organizational understanding to minimize risk to systems, assets, and data. The Identify function helps organizations develop an organizational understanding of their cybersecurity risk management posture, as well as the threats, vulnerabilities, and impacts that could affect their business objectives. The other functions are not directly related to using organizational understanding; they focus on responding to (A), recovering from (C), or detecting (D) cybersecurity events.


Question 27
Which of the following is the BEST indication of mature third-party vendor risk management for an organization?

  • A. The third party maintains annual assessments of control effectiveness.
  • B. The third party's security program follows the organization's security program.
  • C. The organization's security program follows the third party's security program.
  • D. The organization maintains vendor security assessment checklists.

Correct answer: D

Explanation:
The BEST indication of mature third-party vendor risk management for an organization is that the organization maintains vendor security assessment checklists. Vendor security assessment checklists help the organization evaluate and monitor the security posture and performance of its third-party vendors against predefined criteria and standards. They also help the organization identify and mitigate any gaps or issues in a vendor's security controls or processes.
The other options are less indicative of mature third-party vendor risk management: they either rely on the vendor's self-assessment without independent verification or validation (A), or involve one party following or mimicking the other's security program without considering its own needs or risks (B, C).


Question 28
Which of the following is MOST important to ensure the successful implementation of continuous auditing?

  • A. Surplus processing capacity
  • B. Budget for additional technical resources
  • C. Top management support
  • D. Budget for additional storage hardware

Correct answer: C

Explanation:
The MOST important factor in ensuring the successful implementation of continuous auditing is top management support. Top management support provides the vision, direction, and resources for implementing continuous auditing within the organization. It also helps overcome resistance or challenges that may arise from implementing continuous auditing, such as cultural change, stakeholder buy-in, and process re-engineering, and it helps ensure that the results and findings of continuous auditing are communicated to and acted upon by the relevant decision-makers and stakeholders. The other options are not more important than top management support; they are different resources needed for continuous auditing, such as processing capacity (A), technical resources (B), or storage hardware (D).


Question 29
What is the PRIMARY purpose of creating a security architecture?

  • A. To create a long-term information security strategy
  • B. To provide senior management a measure of information security maturity
  • C. To map out how security controls interact with an organization's systems
  • D. To visually show gaps in information security controls

Correct answer: A

Explanation:
The PRIMARY purpose of creating a security architecture is to create a long-term information security strategy that aligns with the organization's business goals and objectives. A security architecture defines the vision, principles, standards, policies, and guidelines for how security will be implemented and managed across the organization's systems, networks, and data.


Question 30
Which of the following backup procedures would only copy files that have changed since the last backup was made?

  • A. Full backup
  • B. Daily backup
  • C. Differential backup
  • D. Incremental backup

Correct answer: D

Explanation:
The backup procedure that only copies files that have changed since the last backup was made is an incremental backup. An incremental backup copies only the files that have been created or modified since the previous backup, whether that backup was a full or an incremental one. An incremental backup reduces backup time and storage space, as well as recovery time, since only the changed files need to be restored. The other options are not backup procedures that copy only the files changed since the last backup; they are different types of backup that copy files based on different criteria, such as a full backup (A), a daily backup (B), or a differential backup (C).


Question 31
The GREATEST advantage of using a common vulnerability scoring system is that it helps with:

  • A. risk prioritization.
  • B. risk aggregation.
  • C. risk quantification.
  • D. risk elimination.

Correct answer: A

Explanation:
The GREATEST advantage of using a common vulnerability scoring system is that it helps with risk prioritization. A common vulnerability scoring system provides a standardized, consistent way of measuring and comparing the severity of vulnerabilities based on their impact and exploitability. This allows organizations to prioritize the remediation of the most critical vulnerabilities and allocate resources accordingly. The other options are not the greatest advantage of using a common vulnerability scoring system: aggregating (B), quantifying (C), or eliminating (D) risk are not what the scoring system directly provides.


Question 32
What is the FIRST phase of the ISACA framework for auditors reviewing cryptographic environments?

  • A. Evaluation of implementation details
  • B. Hands-on testing
  • C. Inventory and discovery
  • D. Risk-based shakeout

Correct answer: C

Explanation:
The FIRST phase of the ISACA framework for auditors reviewing cryptographic environments is inventory and discovery. The inventory and discovery phase helps auditors identify and document the scope, objectives, and approach of the audit, as well as the cryptographic assets, systems, processes, and stakeholders involved in the cryptographic environment. It also helps auditors assess the maturity and effectiveness of cryptographic governance and management within the organization. The other phases are not the first phase of the framework; they follow the inventory and discovery phase, such as evaluation of implementation details (A), hands-on testing (B), or risk-based shakeout (D).


Question 33
Which of the following is an example of an application security control?

  • A. Secure coding
  • B. User security awareness training
  • C. Intrusion detection
  • D. Security operations center

Correct answer: A

Explanation:
An example of an application security control is secure coding. Secure coding is the practice of developing software applications that follow security principles and standards to prevent or mitigate common vulnerabilities and risks. Secure coding involves applying techniques such as input validation, output encoding, error handling, encryption, and testing.


Question 34
In cloud computing, which type of hosting is MOST appropriate for a large organization that wants greater control over the environment?

  • A. Shared hosting
  • B. Private hosting
  • C. Hybrid hosting
  • D. Public hosting

Correct answer: B

Explanation:
In cloud computing, the type of hosting MOST appropriate for a large organization that wants greater control over the environment is private hosting. Private hosting is a cloud service model in which the cloud infrastructure is dedicated to a single organization and hosted either on-premise or off-premise by a third-party provider. Private hosting offers more control over the security, performance, customization, and compliance of the cloud environment than other types of hosting.


Question 35
Availability can be protected through the use of:

  • A. user awareness training and related end-user training.
  • B. redundancy, backups, and business continuity management.
  • C. access controls, file permissions, and encryption.
  • D. logging, digital signatures, and write protection.

Correct answer: B

Explanation:
Availability can be protected through the use of redundancy, backups, and business continuity management.
These measures help ensure that systems, data, and services remain accessible and functional at all times, even in the event of a disruption or disaster. The other options are not directly related to protecting availability; they focus on enhancing awareness (A), confidentiality (C), or integrity (D).


Question 36
Which of the following provides the GREATEST assurance that data can be recovered and restored in a timely manner in the event of data loss?

  • A. Backups of information are regularly tested.
  • B. Data backups are available onsite for recovery.
  • C. The recovery plan is executed during or after an event.
  • D. Full data backup is performed daily.

Correct answer: A

Explanation:
The practice that provides the GREATEST assurance that data can be recovered and restored in a timely manner in the event of data loss is regular testing of backups. Testing backups helps ensure that they are valid, complete, and usable, and that they can be restored within the expected time frame without errors or corruption. Testing also helps identify and resolve any issues with the backup process, media, or software. The other options do not provide the greatest assurance of timely recovery; they are different aspects or factors that affect the backup process, such as the availability (B), execution (C), or frequency (D) of backups.


Question 37
......

Use the ISACA Cybersecurity-Audit-Certificate question bank PDF to aim for the best result: https://www.jpntest.com/shiken/Cybersecurity-Audit-Certificate-mondaishu
