EX0-105無料問題集「EXIN Information Security Foundation based on ISO/IEC 27002」

質問 1

What do employees need to know to report a security incident?

（A）How to report an incident and to whom.

（B）Who is responsible for the incident and whether it was intentional.

（C）Whether the incident has occurred before and what was the resulting damage.

（D）The measures that should have been taken to prevent the incident in the first place.

正解：A 解答を投票する

質問 2

What is the best way to comply with legislation and regulations for personal data protection?

（A）Performing a vulnerability analysis

（B）Maintaining an incident register

（C）Performing a threat analysis

（D）Appointing the responsibility to someone

正解：D 解答を投票する

質問 3

Which measure assures that valuable information is not left out available for the taking?

（A）Access passes

（B）Infra-red detection

（C）Clear desk policy

正解：C 解答を投票する

質問 4

The Information Security Manager (ISM) at Smith Consultants Inc. introduces the following measures to assure information security:
-The security requirements for the network are specified.
-A test environment is set up for the purpose of testing reports coming from the database.
-The various employee functions are assigned corresponding access rights.
-RFID access passes are introduced for the building.
Which one of these measures is not a technical measure?

（A）Introducing a logical access policy

（B）Introducing RFID access passes

（C）The specification of requirements for the network

（D）Setting up a test environment

正解：B 解答を投票する

質問 5

You are the owner of the courier company SpeeDelivery. You employ a few people who, while waiting to make a delivery, can carry out other tasks. You notice, however, that they use this time to send and read their private mail and surf the Internet. In legal terms, in which way can the use of the Internet and e-mail facilities be best regulated?

（A）Installing an application that makes certain websites no longer accessible and that filters attachments in e-mails

（B）Installing a virus scanner

（C）Drafting a code of conduct for the use of the Internet and e-mail in which the rights and obligations of both the employer and staff are set down

（D）Implementing privacy regulations

正解：C 解答を投票する

質問 6

An employee in the administrative department of Smiths Consultants Inc. finds out that the expiry date of a contract with one of the clients is earlier than the start date. What type of measure could prevent this error?

（A）Technical measure

（B）Availability measure

（C）Integrity measure

（D）Organizational measure

正解：A 解答を投票する

質問 7

Which type of malware builds a network of contaminated computers?

（A）Storm Worm or Botnet

（B）Logic Bomb

（C）Virus

（D）Trojan

正解：A 解答を投票する

質問 8

You are the owner of the SpeeDelivery courier service. Last year you had a firewall installed. You now discover that no maintenance has been performed since the installation. What is the biggest risk because of this?

（A）The risk that hackers can do as they wish on the network without detection

（B）The risk of undesired e-mails

（C）The risk of a virus outbreak

（D）The risk that fire may break out in the server room

正解：A 解答を投票する

質問 9

Why is air-conditioning placed in the server room?

（A）It is not pleasant for the maintenance staff to have to work in a server room that is too warm.

（B）In the server room the air has to be cooled and the heat produced by the equipment has to be extracted. The air in the room is also dehumidified and filtered.

（C）Backup tapes are made from thin plastic which cannot withstand high temperatures. Therefore, if it gets too hot in a server room, they may get damaged.

（D）When a company wishes to cool its offices, the server room is the best place. This way, no office space needs to be sacrificed for such a large piece of equipment.

正解：B 解答を投票する

質問 10

What is an example of a good physical security measure?

（A）Printers that are defective or have been replaced are immediately removed and given away as garbage for recycling.

（B）All employees and visitors carry an access pass.

（C）Maintenance staff can be given quick and unimpeded access to the server area in the event of disaster.

正解：B 解答を投票する

EX0-105 無料問題集「EXIN Information Security Foundation based on ISO/IEC 27002」

弊社を連絡する

関連リンク

トップ試験