CSP-Assessor無料問題集「Swift Customer Security Programme Assessor Certification」

質問 1

In the case that nothing has changed in the SWIFT user's infrastructure, is it possible to rely on a previous Independent assessment report without performing another independent assessment? (Select the correct answer)
*Swift Customer Security Controls Policy
*Swift Customer Security Controls Framework v2025
*Independent Assessment Framework
*Independent Assessment Process for Assessors Guidelines
*Independent Assessment Framework - High-Level Test Plan Guidelines
*Outsourcing Agents - Security Requirements Baseline v2025
*CSP Architecture Type - Decision tree
*CSP_controls_matrix_and_high_test_plan_2025
*Assessment template for Mandatory controls
*Assessment template for Advisory controls
*CSCF Assessment Completion Letter
*Swift_CSP_Assessment_Report_Template

（A）Yes, full reliance can be provided if the CISO of the SWIFT user signs a letter which confirms that nothing has changed

（B）No, even if nothing has changed, an independent assessor needs to assess the conditions before being able to rely on the previous year's assessment

（C）Yes, full reliance can be provided without the need of an independent assessment if nothing has changed

（D）No, even if nothing has changed, an independent assessor needs to perform a full assessment including full testing every year

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

What does SWIFT provide? (Select the two correct answers that apply)

（A）A platform for messaging

（B）A high-level programming language

（C）Standards for communicating

（D）Hosting for financial institutions

正解：A、C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

The cluster of VPN boxes is also called managed-customer premises equipment (M-CPE).

（A）FALSE

（B）TRUE

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

Can a Swift user choose to implement the security controls (example: logging and monitoring) in systems which are not directly in scope of the CSCE?

（A）Yes

（B）No

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

How can PKI certificate requests be submitted to SWIFT? (Select the correct answer)
*Connectivity
*Generic
*Products Cloud
*Products OnPrem
*Security

（A）Using an offline method

（B）None of the above

（C）Using an online method

（D）Using both online and offline methods

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

The SWIFT HSM Box must be hardened at the system level by the SWIFT user owning the equipment.
*Swift Customer Security Controls Policy
*Swift Customer Security Controls Framework v2025
*Independent Assessment Framework
*Independent Assessment Process for Assessors Guidelines
*Independent Assessment Framework - High-Level Test Plan Guidelines
*Outsourcing Agents - Security Requirements Baseline v2025
*CSP Architecture Type - Decision tree
*CSP_controls_matrix_and_high_test_plan_2025
*Assessment template for Mandatory controls
*Assessment template for Advisory controls
*CSCF Assessment Completion Letter
*Swift_CSP_Assessment_Report_Template

（A）FALSE

（B）TRUE

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 7

What are the three main objectives of the Customer Security Controls Framework? (Select the correct answer)
*Swift Customer Security Controls Policy
*Swift Customer Security Controls Framework v2025
*Independent Assessment Framework
*Independent Assessment Process for Assessors Guidelines
*Independent Assessment Framework - High-Level Test Plan Guidelines
*Outsourcing Agents - Security Requirements Baseline v2025
*CSP Architecture Type - Decision tree
*CSP_controls_matrix_and_high_test_plan_2025
*Assessment template for Mandatory controls
*Assessment template for Advisory controls

（A）1. Secure and Protect
2. Prevent and Detect
3. Share and Prepare

（B）1. Secure your environment
2. Know and Limit Access
3. Detect and Respond

（C）1. Restrict Internet Access and Protect Critical Systems from General IT Environment
2. Reduce Attack Surface and Vulnerabilities
3. Physically Secure the Environment

（D）1. Raise pragmatically the security bar
2. Maintain appropriate cyber-security hygiene
3. React promptly

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 8

Which operator session flows are expected to be protected in terms of confidentiality and integrity? (Choose all that apply.)

（A）All sessions towards a Swift related application run by an Outsourcing Agent, a Service Bureau or an L2BA Provider

（B）All sessions towards a secure zone (on-premises or hosted by a third-party or a Cloud Provider)

（C）All sessions to and from a jump server used to access a component in a secure zone

（D）System administrator sessions towards a host running a Swift related component

正解：A、B、C、D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

The messaging operator in Alliance Lite2... (Select the two correct answers that apply)
*Connectivity
*Generic
*Products Cloud
*Products OnPrem
*Security

（A）Can create and modify messages

（B）Can assign RBAC roles to RMA operators and messaging operators

（C）Can approve messages

（D）Can approve the Customer Security Officer change requests

正解：A、C 解答を投票する

質問 10

The Internal Audit and an external assessment company are both involved in a SWIFT user's assessment.
Both have shared control assessments to cover the full scope (meaning two separate assessment teams). Who needs to provide a completion letter? (Select the correct answer)
*Swift Customer Security Controls Policy
*Swift Customer Security Controls Framework v2025
*Independent Assessment Framework
*Independent Assessment Process for Assessors Guidelines
*Independent Assessment Framework - High-Level Test Plan Guidelines
*Outsourcing Agents - Security Requirements Baseline v2025
*CSP Architecture Type - Decision tree
*CSP_controls_matrix_and_high_test_plan_2025
*Assessment template for Mandatory controls
*Assessment template for Advisory controls
*CSCF Assessment Completion Letter
*Swift_CSP_Assessment_Report_Template

（A）None of them, it is not required when an internal department was involved in the assessment

（B）The Internal audit lead assessor and the external company lead assessor

（C）The Internal audit lead assessor only

（D）The External company lead assessor only

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

CSP-Assessor 無料問題集「Swift Customer Security Programme Assessor Certification」

弊社を連絡する

関連リンク

トップ試験